Filtered by vendor Cisco
Subscribe
Total
6508 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-3824 | 1 Cisco | 2 Cbr-8 Converged Broadband Router, Ios Xe | 2025-04-20 | 5.4 MEDIUM | 6.8 MEDIUM |
| A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco cBR-8 Converged Broadband Routers running vulnerable versions of Cisco IOS XE are affected. More Information: CSCux40637. Known Affected Releases: 15.5(3)S 15.6(1)S. Known Fixed Releases: 15.5(3)S2 15.6(1)S1 15.6(2)S 15.6(2)SP 16.4(1). | |||||
| CVE-2017-6661 | 1 Cisco | 2 Content Security Management Appliance, Email Security Appliance | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka Message Tracking XSS. More Information: CSCvd30805 CSCvd34861. Known Affected Releases: 10.0.0-203 10.1.0-049. | |||||
| CVE-2017-3806 | 1 Cisco | 1 Firepower Threat Defense | 2025-04-20 | 4.6 MEDIUM | 5.3 MEDIUM |
| A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101). | |||||
| CVE-2017-12338 | 1 Cisco | 3 Lan Switch Software, Nx-os, Unified Computing System | 2025-04-20 | 2.1 LOW | 6.0 MEDIUM |
| A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted command on the CLI. An exploit could allow the attacker unauthorized access to read arbitrary files on the underlying local file system. On products that support multiple virtual device contexts (VDCs), this vulnerability could allow an attacker to read files from any VDC. This vulnerability affects the following products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System Manager. Cisco Bug IDs: CSCve51707, CSCve93961, CSCve93964, CSCve93965, CSCve93968, CSCve93974, CSCve93976. | |||||
| CVE-2017-12227 | 1 Cisco | 1 Emergency Responder | 2025-04-20 | 5.5 MEDIUM | 5.4 MEDIUM |
| A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL queries that bypass protection filters. An attacker could exploit this vulnerability by sending crafted URLs that include SQL statements. An exploit could allow the attacker to view or modify entries in some database tables, affecting the integrity of the data. Cisco Bug IDs: CSCvb58973. | |||||
| CVE-2017-6671 | 1 Cisco | 1 Email Security Appliance Firmware | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015. | |||||
| CVE-2017-6792 | 1 Cisco | 1 Prime Collaboration Provisioning | 2025-04-20 | 8.5 HIGH | 6.5 MEDIUM |
| A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is due to lack of input validation of the parameters in BatchFileName and Directory. An attacker could exploit this vulnerability by manipulating the parameters of the batch action file function. Cisco Bug IDs: CSCvd61766. | |||||
| CVE-2017-6607 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-20 | 5.8 MEDIUM | 8.7 HIGH |
| A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by triggering a DNS request from the Cisco ASA Software and replying with a crafted response. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information. Note: Only traffic directed to the affected device can be used to exploit this vulnerability. This vulnerability affects Cisco ASA Software configured in routed or transparent firewall mode and single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.12) 9.2(4.18) 9.4(3.12) 9.5(3.2) 9.6(2.2). Cisco Bug IDs: CSCvb40898. | |||||
| CVE-2015-6358 | 1 Cisco | 48 Pvc2300, Pvc2300 Firmware, Rtp300 and 45 more | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. | |||||
| CVE-2017-6667 | 1 Cisco | 1 Context Service Development Kit | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0. | |||||
| CVE-2017-3826 | 1 Cisco | 4 Netflow Generation Appliance 3140, Netflow Generation Appliance 3240, Netflow Generation Appliance 3340 and 1 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the reboot command from the CLI. The following Cisco NetFlow Generation Appliances are vulnerable: NGA 3140, NGA 3240, NGA 3340. Cisco Bug IDs: CSCvc83320. | |||||
| CVE-2017-6712 | 1 Cisco | 1 Elastic Services Controller | 2025-04-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the system can run certain shell commands, allowing the user to overwrite any file on the filesystem and elevate privileges to root. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76634. | |||||
| CVE-2017-6683 | 1 Cisco | 1 Elastic Services Controller | 2025-04-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to execute arbitrary commands as the tomcat user on an affected system, aka an Authentication Request Processing Arbitrary Command Execution Vulnerability. More Information: CSCvc76642. Known Affected Releases: 2.2(9.76). | |||||
| CVE-2017-6727 | 1 Cisco | 1 Wide Area Application Services | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting unexpectedly and creating Core Dump files. More Information: CSCvc63035. Known Affected Releases: 6.2(3a). Known Fixed Releases: 6.3(0.167) 6.2(3c)5 6.2(3.22). | |||||
| CVE-2017-12278 | 1 Cisco | 2 Wireless Lan Controller, Wireless Lan Controller Software | 2025-04-20 | 5.2 MEDIUM | 6.3 MEDIUM |
| A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory leak that occurs on an affected device after the device fails to deallocate a buffer that is used when certain MIBs are polled. An attacker who knows the SNMP Version 2 SNMP Read string or has valid SNMP Version 3 credentials for an affected device could repeatedly poll the affected MIB object IDs (OIDs) and consume available memory on the device. When memory is sufficiently depleted on the device, the device will restart, resulting in a DoS condition. Cisco Bug IDs: CSCvc71674. | |||||
| CVE-2017-3791 | 1 Cisco | 1 Cisco Prime Home | 2025-04-20 | 10.0 HIGH | 10.0 CRITICAL |
| A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges. This vulnerability affects Cisco Prime Home versions from 6.3.0.0 to the first fixed release 6.5.0.1. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCvb49837. | |||||
| CVE-2017-6623 | 1 Cisco | 1 Policy Suite | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input at the CLI, using this script file to escalate their privilege level and execute commands as root. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the appliance. The user has to be logged-in to the device with valid credentials for a specific set of users. The Cisco Policy Suite application is vulnerable when running software versions 10.0.0, 10.1.0, or 11.0.0. Cisco Bug IDs: CSCvc07366. | |||||
| CVE-2017-3822 | 1 Cisco | 1 Firepower Threat Defense | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X ASA5506W-X ASA5506H-X ASA5508-X ASA5516-X ASA5512-X ASA5515-X ASA5525-X ASA5545-X ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0. | |||||
| CVE-2017-12244 | 1 Cisco | 1 Secure Firewall Management Center | 2025-04-20 | 5.0 MEDIUM | 8.6 HIGH |
| A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due to improper input validation of the fields in the IPv6 extension header packet. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability is specific to IPv6 traffic only. This vulnerability affects Cisco Firepower System Software Releases 6.0 and later when the software has one or more file action policies configured and is running on any of the following Cisco products: 3000 Series Industrial Security Appliances (ISR), Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services, Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, Firepower Threat Defense for Integrated Services Routers (ISRs), Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. Cisco Bug IDs: CSCvd34776. | |||||
| CVE-2017-12250 | 1 Cisco | 1 Wide Area Application Services | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service (DoS) condition. The vulnerability is due to lack of input validation of user-supplied input parameters within an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to cause a DoS condition due to a process unexpectedly restarting. The WAAS could drop traffic during the brief time the process is restarting. Cisco Bug IDs: CSCvc63048. | |||||