
5218 matches found

Cisco • added 2018/10/03 4:00 p.m. • 386 views

Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly,...

CVSS 6.8 • AI score 6.6 • EPSS 0.00244
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 582 views

Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advance...

CVSS 7.8 • AI score 2.2 • EPSS 0.00407
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 35 views

Cisco HyperFlex UI Clickjacking Vulnerability

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...

CVSS 4.7 • AI score 1 • EPSS 0.00105
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 543 views

Multiple Cisco Unified Communications Products Open Redirect Vulnerability

A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web page. The vulnerabili...

CVSS 4.1 • AI score 1 • EPSS 0.00158
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 374 views

Cisco Prime Infrastructure Information Disclosure Vulnerability

A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by...

CVSS 4.3 • AI score 0.7 • EPSS 0.00152
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 54 views

Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability

A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS)...

CVSS 8.6 • AI score 7.4 • EPSS 0.00941
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 34 views

Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center FM...

CVSS 8.2 • AI score 8.2 • EPSS 0.00131
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 390 views

Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability

A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficien...

CVSS 4.7 • AI score 2.7 • EPSS 0.01501
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 32 views

Cisco Unity Connection File Upload Denial of Service Vulnerability

A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of...

CVSS 4.1 • AI score 2.1 • EPSS 0.00613
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 532 views

Cisco Integrated Management Controller Supervisor and Cisco UCS Director System Resources Denial of Service Vulnerability

A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient restrictions on the size or...

CVSS 6.5 • AI score 1.8 • EPSS 0.00475
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 539 views

Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web Interface Information Disclosure Vulnerability

A vulnerability in the web interface for specific feature sets of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to an authorization check that does not properly...

CVSS 6.5 • AI score 1.7 • EPSS 0.00112
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 26 views

Cisco Firepower System Software Detection Engine Denial of Service Vulnerability

A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. ...

CVSS 8.6 • AI score 1.7 • EPSS 0.00589
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 36 views

Cisco UCS Director Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

CVSS 6.1 • AI score 1 • EPSS 0.0036
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 22 views

Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability

A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition. The vulnerability is due to the affected software not...

CVSS 5.3 • AI score 2.8 • EPSS 0.00503
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 415 views

Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficie...

CVSS 6.5 • AI score 2.2 • EPSS 0.00155
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 530 views

Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

CVSS 4.3 • AI score 2.6 • EPSS 0.0018
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 40 views

Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An...

CVSS 9.8 • AI score 0.8 • EPSS 0.00245
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 529 views

Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

CVSS 6.1 • AI score 1.2 • EPSS 0.00319
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 38 views

Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The...

CVSS 6.8 • AI score 6.5 • EPSS 0.00453
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 627 views

Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability

A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This...

CVSS 7.3 • AI score 2.3 • EPSS 0.89462
Exploits: 5 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 33 views

Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability

A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of DHCP lease requests. An attacker could exploit this vulnerability by sending...

CVSS 4.3 • AI score 1.3 • EPSS 0.00104
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 34 views

Cisco Unity Connection Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is due to insufficient validation of...

CVSS 4.8 • AI score 1.6 • EPSS 0.00176
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 41 views

Multiple Vulnerabilities in Cisco Identity Services Engine

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server. For more information abo...

CVSS 4.7 • AI score 1.8 • EPSS 0.00294
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 34 views

Cisco Small Business 300 Series Managed Switches Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability exists because the affect...

CVSS 6.1 • AI score 1.2 • EPSS 0.00179
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 38 views

Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to releas...

CVSS 8.6 • AI score 6.5 • EPSS 0.00351
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 532 views

Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

CVSS 6.1 • AI score 1.2 • EPSS 0.00319
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 23 views

Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability

A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker coul...

CVSS 6.8 • AI score 0.7 • EPSS 0.00541
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 33 views

Cisco Prime Infrastructure Information Disclosure Vulnerability

A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by...

CVSS 4.3 • AI score 0.7 • EPSS 0.00152
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 394 views

Cisco HyperFlex Software Static Signing Key Vulnerability

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could exploit this vulnerability by accessing the stat...

CVSS 8.6 • AI score 1.4 • EPSS 0.00676
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 368 views

Cisco Webex Centers Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Events Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based...

CVSS 6.1 • AI score 2.1 • EPSS 0.00281
Exploits: 0 • References: 1

Cisco • added 2018/10/03 4:00 p.m. • 31 views

Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability

A vulnerability in the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass certificate validation on an affected device. The vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by supplying a system image signed with a...

CVSS 8.1 • AI score 1.3 • EPSS 0.00153
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 35 views

Cisco Catalyst 6800 Series Switches ROM Monitor Software Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS ROM Monitor (ROMMON) Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to the presence of a...

CVSS 6.4 • AI score 2.1 • EPSS 0.00071
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 46 views

Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec...

CVSS 8.6 • AI score 8.8 • EPSS 0.14922
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 161 views

Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of SIP packets in...

CVSS 8.6 • AI score 1.5 • EPSS 0.03064
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 183 views

Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability

A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to a logic...

CVSS 4.3 • AI score 1.9 • EPSS 0.00149
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 39 views

Cisco IOS and IOS XE Software SM-1T3/E3 Service Module Denial of Service Vulnerability

A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resultin...

CVSS 4.4 • AI score 1.8 • EPSS 0.03805
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 50 views

Cisco IOS XE Software Errdisable Denial of Service Vulnerability

A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race condition that occurs when the VLAN and port enter an...

CVSS 7.4 • AI score 1.5 • EPSS 0.00169
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 101 views

Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability

A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a...

CVSS 8.6 • AI score 2.4 • EPSS 0.01457
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 90 views

Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability

A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient...

CVSS 6.8 • AI score 2.5 • EPSS 0.00578
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 42 views

Cisco IOS XE Software Web UI Denial of Service Vulnerability

A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when specific HTTP requests are processed. An attacker...

CVSS 8.6 • AI score 1.5 • EPSS 0.0076
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 79 views

Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability

A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+...

CVSS 6.8 • AI score 1.9 • EPSS 0.00187
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 88 views

Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnerability is due to the affected software improperly verifying digital signatures for software image...

CVSS 6.7 • AI score 2 • EPSS 0.00032
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 47 views

Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

CVSS 7.5 • AI score 1.3 • EPSS 0.01495
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 77 views

Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to...

CVSS 7.4 • AI score 3 • EPSS 0.00252
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 98 views

Cisco IOS XE Software HTTP Denial of Service Vulnerability

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed...

CVSS 8.6 • AI score 2.1 • EPSS 0.01406
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 64 views

Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities

Multiple vulnerabilities in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerabilities ar...

CVSS 6.7 • AI score 2.7
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 84 views

Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass Vulnerability

A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected...

CVSS 6.5 • AI score 2.2 • EPSS 0.00216
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 73 views

Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability

A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient...

CVSS 6.7 • AI score 2.9 • EPSS 0.00048
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 38 views

Cisco IOS XE Software Cisco Discovery Protocol Memory Leak Vulnerability

A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain C...

CVSS 7.4 • AI score 1.5 • EPSS 0.00225
Exploits: 0 • References: 1

Cisco • added 2018/09/26 4:00 p.m. • 114 views

Cisco IOS and IOS XE Software OSPFv3 Denial of Service Vulnerability

A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling of specific OSPFv3 packets. An attacker could...

CVSS 7.4 • AI score 2.2 • EPSS 0.00342
Exploits: 0 • References: 1

Total number of security vulnerabilities: 5218