Cisco UCS B-Series Blade Servers Local Management CLI Arbitrary File Creation or CLI Parameter Injection Vulnerability

A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could inject CLI command parameters that should not be...

Cisco Unified Communications Manager Denial of Service Vulnerability

A vulnerability in the User Data Services UDS API of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the management GUI. The vulnerability is due to improper validation of input parameters in the UDS API...

Cisco Aironet Series Access Points Development Shell Access Vulnerability

A vulnerability in the development shell devshell authentication for Cisco Aironet Series Access Points APs running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the...

Cisco Aironet Series Access Points Quality of Service Denial of Service Vulnerability

A vulnerability in the quality of service QoS feature of Cisco Aironet Series Access Points APs could allow an authenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation on QoS fields within Wi-Fi frames...

Cisco Wireless LAN Controller Locally Significant Certificate Denial of Service Vulnerability

A vulnerability in Locally Significant Certificate LSC management for the Cisco Wireless LAN Controller WLC could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service DoS condition. The attacker would need to have valid administrato...

Cisco Aironet Series Access Points Command Injection Vulnerability

A vulnerability in the CLI of Cisco Aironet Series Access Points APs could allow an authenticated, local attacker to gain access to the underlying Linux operating system OS without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due ...

Cisco Aironet Series Access Points Directory Traversal Vulnerability

A vulnerability in the CLI of Cisco Aironet Access Points APs could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanitization of user-supplied input in specific CLI commands. An attacker could exploit this vulnerabili...

Cisco Umbrella Cross-Site Scripting Vulnerability

A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters passed to that page. An...

Cisco DNA Center Unintended Proxy Via SWIM Import Interface Vulnerability

A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...

Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to...

Cisco Wireless LAN Controller Software Session Hijacking Vulnerability

A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected...

Cisco Registered Envelope Service Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...

Cisco Wireless LAN Controller Software IAPP Message Handling Denial of Service Vulnerabilities

Multiple vulnerabilities in the handling of Inter-Access Point Protocol IAPP messages by Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. The vulnerabilities exist because the software improperly validates inp...

Cisco Wireless LAN Controller Software GUI Configuration Denial of Service Vulnerabilities

Multiple vulnerabilities in the administrative GUI configuration feature of Cisco Wireless LAN Controller WLC Software could allow an authenticated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of...

Cisco Prime Network Registrar Denial of Service Vulnerability

A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service DoS condition on the affected system. The vulnerability is due to incomplete user-supplied input validation whe...

Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability

A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service DoS condition on an affected system. The...

Cisco Identity Services Engine SSL Renegotiation Denial of Service Vulnerability

A vulnerability in the web interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service DoS condition. The vulnerability is due to improper handling of Secure Sockets Layer SSL renegotiation requests. A...

Cisco Expressway Series and Cisco TelePresence Video Communication Server Cross-Site Request Forgery Vulnerability

A vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected system. The vulnerability is due ...

Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability

A vulnerability in the XML API of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service DoS condition on an affected system. The vulnerability is due...

Cisco Directory Connector Search Order Hijacking Vulnerability

A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their...

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based guest portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied...

Cisco IOS XR gRPC Software Denial of Service Vulnerability

A vulnerability in the Event Management Service daemon emsd of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this...

Cisco IOS XR Software Protocol Independent Multicast Denial of Service Vulnerability

A vulnerability in the Protocol Independent Multicast PIM feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the PIM process to restart, resulting in a denial of service condition on an affected device. The vulnerability is due to the incorrect processing of...

Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability

A vulnerability in the TCP flags inspection feature for access control lists ACLs on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...

Cisco IOS XR 64-Bit Software for Cisco ASR 9000 Series Aggregation Services Routers Network Isolation Vulnerability

A vulnerability in the sysadmin virtual machine VM on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. The vulnerability is due to incorrect isolation...

Cisco Email Security Appliance Content Filter Bypass Vulnerability

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email body. An attacker...

Cisco Aironet Series Access Points Denial of Service Vulnerability

A vulnerability in the internal packet processing of Cisco Aironet Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected AP if the switch interface where the AP is connected has port security configured. The...

Cisco Small Business RV320 and RV325 Routers Weak Credential Encryption Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for use...

Cisco Small Business RV320 and RV325 Routers Online Help Reflected Cross-Site Scripting Vulnerability

A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the service. The vulnerability exists because the Online Hel...

Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected...

Cisco IOS XE Software Privilege Escalation Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged level 1, remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to a failure to validate and sanitize input in Web Services Management Agent WSMA...

Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability b...

Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has...

Cisco IOS and IOS XE Software ISDN Interface Denial of Service Vulnerability

A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information elements. An attacker could exploit thi...

Cisco IOS Software NAT64 Denial of Service Vulnerability

A vulnerability in the Network Address Translation 64 NAT64 functions of Cisco IOS Software could allow an unauthenticated, remote attacker to cause either an interface queue wedge or a device reload. The vulnerability is due to the incorrect handling of certain IPv4 packet streams that are sent...

Cisco IOS XE Software Privilege Escalation Vulnerability

A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged level 1, remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to improper validation of user privileges of web UI users. An attacker...

Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in the Web Services Management Agent WSMA function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperly sanitizes user-supplied...

Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability

A vulnerability in the Cluster Management Protocol CMP processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation wh...

Cisco IOS XE Software Information Disclosure Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. The vulnerability is due to improper access control to files within the web UI. An attacker could exploit this vulnerability by sending a malicious...

Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability

A vulnerability in the processing of IP Service Level Agreement SLA packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service DoS condition on the affected device. The vulnerability is due ...

Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability

A vulnerability in the Hot Standby Router Protocol HSRP subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker...

Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability

A vulnerability in the Cisco Network Plug-and-Play PnP agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates...

Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities

Multiple vulnerabilities in the Network-Based Application Recognition NBAR feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. These vulnerabilities are due to a parsing issue on DNS packets. An attacker...

Cisco IOS and IOS XE Software Short Message Service Denial of Service Vulnerability

A vulnerability in the implementation of the Short Message Service SMS handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition on an affected device. The vulnerability is due to improper...

Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability

A vulnerability in Performance Routing Version 3 PfRv3 of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this vulnerability by...

Cisco IOS XE Software Arbitrary File Upload Vulnerability

A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes to the filesystem of the affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by crafting a...

Cisco IOS XE Software Gigabit Ethernet Management Interface Access Control List Bypass Vulnerability

A vulnerability in access control list ACL functionality of the Gigabit Ethernet Management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the Gigabit Ethernet Management interface. The vulnerability is due to a logic err...

Cisco IOS XE Software Encrypted Traffic Analytics Denial of Service Vulnerability

A vulnerability in the Cisco Encrypted Traffic Analytics ETA feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a logic error that exists when handling a malformed incoming packet, leading to...

Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could...

Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Easy Virtual Switching System VSS of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco Discovery Protocol CDP...