Cisco Vulnerabilities

Cisco Prime Network Information Disclosure Vulnerability

A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. The vulnerability i...

Cisco Wide Area Application Services Core Dump Denial of Service Vulnerability

A vulnerability in the Server Message Block (SMB) protocol of Cisconbsp;Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due t...

SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE...

The Simple Network Management Protocolnbsp;(SNMP) subsystem of Cisconbsp;IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system ...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisconbsp;Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scriptingnbsp;(XSS) attack against a user of the web interface. The vulnerabilit...

Cisco WebEx Network Recording Player Multiple Buffer Overflow Vulnerabilities

Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files.

An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via...

Cisco IOS XR Software Local Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges. The vulnerability is due to insufficient input valid...

Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. The vulnerability is due t...

Cisco IOS XR Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. The vulnerability is due to incorrect permission settings on binary files in the affected so...

Cisco NX-OS Software Fibre Channel over Ethernet Denial of Service Vulnerability

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process u...

Vulnerability in Samba Affecting Cisco Products: May 2017

On May 24, 2017, the Samba team disclosed a vulnerability in Samba server software that could allow an authenticated attacker to execute arbitrary code remotely on a targeted system. This vulnerability has been assigned CVE ID CV...

ld_test_advisory

Cisco has released software updates that address this vulnerability. [Workarounds that mitigate this vulnerability are available.] This advisory is available at the following link: Cisco has released software updates ...

ISIS_test_Advisory_isis-2.17

Cisco has released software updates that address this vulnerability. [Workarounds that mitigate this vulnerability are available.] This advisory is available at the following link: Cisco has released software updates t...