Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The...
Cisco WebEx Browser Extension Remote Code Execution Vulnerability
A vulnerability in Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers...
Cisco Mobility Express 2800 and 3800 802.11 Denial of Service Vulnerability
A vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. The vulnerability is...
Cisco WebEx Meeting Center Site Redirection Vulnerability
A vulnerability in a URL parameter of Cisco WebEx could allow an unauthenticated, remote attacker to perform site redirection. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including a remote site URL in the affected parameter of the...
Cisco IOS and Cisco IOx Software Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. The vulnerability is due to lack of proper input validation of the...
Cisco Nexus 5000, 6000, and 7000 Series Switches Software IS-IS Packet Processing Denial of Service Vulnerability
A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. The vulnerability is due to improper processing o...
Cisco Mobility Express 2800 and 3800 Denial of Service Vulnerability
A vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. The vulnerability is due to improper error handling for 802.11 authentication...
Cisco ASR 5000 Software ipsecmgr Process IKE Packet Parsing Denial of Service Vulnerability
A vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. The vulnerability is due to a logical error while parsing IKE packets. An attacker could exploit this vulnerability by submitting malformed I...
Cisco Unified Communications Manager Web Interface Cross-Site Scripting Vulnerability
Cisco Unified Communications Manager (CUCM) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to a failure to properly call XSS filter...
Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability
A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition. The vulnerability is due ...
Cisco Email Security Appliance Filter Bypass Vulnerability
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. The vulnerability is due to incomplete input validation of email message...
Cisco WebEx Meetings Server Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. The vulnerability is due to insufficient masking of sensitive data in the HTTP response. An attacker could exploit this...
Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affected device. The vulnerability is due to a failure to properly call XS...
Cisco WebEx Meetings Server Cross-Site Request Forgery Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by convincing...
Cisco WebEx Meetings Server Command Bypass Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. The vulnerability is due to insufficient security configurations of bash in interactive mode. An attacker could exploit this vulnerability by...
Cisco Hybrid Meeting Server Web Interface Cross-Site Request Forgery Vulnerability
A vulnerability in Cisco Hybrid Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by...
Cisco WebEx Meetings Server Arbitrary Password Change Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. The vulnerability is due to insufficient parameter string security. An attacker could exploit this vulnerability by creating a...
Cisco NetFlow Generation Appliance Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
Cisco Intercloud Fabric Database Static Credentials Vulnerability
A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. The vulnerability occurs because the database account uses static credentials. An attacker could...
Cisco CloudCenter Orchestrator Docker Engine Privilege Escalation Vulnerability
A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. The vulnerability is due to a misconfiguration that causes the Docker...
Cisco Jabber Guest Server HTTP URL Redirection Vulnerability
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco Jabber Guest Server. An attacker could exploit this...
Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to the incorrect...
Cisco ASR 5000 Series IKEv2 Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. The vulnerability is due to a race condition in the IKEv2 negotiation logic. An attacker could exploit...
Cisco FireAMP Connector Endpoint Software Denial of Service Vulnerability
A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial...
Cisco Web Security Appliance Drop Decrypt Policy Bypass Vulnerability
A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WS...
Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. The vulnerability is due to incorrect...
Cisco IOS Frame Forwarding Denial of Service Vulnerability
A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. The vulnerability occurs because the software forwards Layer 2 frames that should be consumed by the first hop. An attacker could...
Cisco Emergency Responder Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for...
Cisco Hybrid Media Service Privilege Escalation Vulnerability
A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. The vulnerability is due to incorrect installation and permissions settings on binary files during the Hybrid Media Service...
Cisco IOS and IOS XE Software SSH X.509 Authentication Bypass Vulnerability
A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system. The vulnerability is due to improper validation of X.509 signatures during...
Cisco Identity Services Engine Active Directory Integration Component Denial of Service Vulnerability
A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. The vulnerability is due to improper handling of Password Authentication Protocol (PAP) authentication...
Cisco Expressway Series Software Security Bypass Vulnerability
A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway. The vulnerability is due to insufficient access control for T...
Cisco FirePOWER Malware Protection Bypass Vulnerability
A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. The vulnerability is due to out-of-order TCP segments retransmissions out of the current window, which have already been...
Cisco IOS and Cisco IOS XE Software Zone-Based Firewall Feature Bypass Vulnerability
A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. The vulnerability is due to a logic flaw in a corner case scenario. An...
Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability
A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. The vulnerability is due to a lack of proper input validation performed o...
Cisco Web Security Appliance HTTP URL Denial of Service Vulnerability
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. The vulnerability is due to improper input validation of the...
Cisco Intercloud Fabric Director Static Credentials Vulnerability
A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account. The vulnerability is due to static credentials for an internal account. An attacker could exploit this vulnerability by using the...
Cisco Email Security Appliance Content Filter Bypass Vulnerability
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. The vulnerability is due to improper filtering of certain TAR...
Cisco IOS XR Software HTTP 2.0 Request Handling Event Service Daemon Denial of Service Vulnerability
A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of HTTP requests...
Cisco Unified Communications Manager Unified Reporting Upload Tool Directory Traversal Vulnerability
A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. The vulnerability is due to insufficient client-side validation checks. An attacker could...
Cisco ASR 5000 Series IPv6 Packet Processing Denial of Service Vulnerability
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. The vulnerability is due to lack of proper input...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of some parameters...
Cisco Email Security Appliance SMTP Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches and Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an...
Cisco Security Appliances AsyncOS Software Update Server Certificate Validation Vulnerability
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server. The vulnerability i...
Cisco Unified Communications Manager Administration Page Cross-Site Scripting Vulnerability
A vulnerability in the ccmadmin page of Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. The vulnerability is due to improper sanitization or encoding of user-supplied data by the ccmadmin page of an...
Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability
A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface. The vulnerability is due to insufficient input validation of some parameters that ar...
Cisco IOx Application-Hosting Framework Directory Traversal Vulnerability
A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. The vulnerability is due to insufficient input validation by the affected framework. An attacker could exploit this vulnerability...
Cisco IOS XR Software Default Credentials Vulnerability
A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the...
Cisco ONS 15454 Series Multiservice Provisioning Platforms TCP Port Management Denial of Service Vulnerability
A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. The vulnerability is due to a specific TCP port listening on the local management port when it...
Cisco Firepower Management Center Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. The vulnerability is due to improper masking of sensitive data in the HTTP response. An...