Cisco Jabber Information Disclosure Vulnerability

A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client.

An attacker could exploit this vulnerability to gain information to conduct additional attacks....

Cisco WebEx Network Recording Player Buffer Overflow Vulnerability

A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system.

An attacker could exploit this vulnerability by providing a user with a malicious .arf...

Cisco FXOS and NX-OS System Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validatio...

Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some pa...

Cisco Email Security Appliance Header Bypass Vulnerability

A vulnerability in the Simple Mail Transfer Protocol (SMTP) header filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the ...

Cisco NX-OS System Software Interactive TCL Shell Escape Vulnerability

A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulne...

Cisco NX-OS System Software Guest Shell Unauthorized Internal Interface Access Vulnerability

A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container.

An attacker would need valid administrator credentials t...

Multiple Vulnerabilities in Cisco UCS Central Software

Multiple vulnerabilities in the web-based management interface of Cisconbsp;UCS Central Software could allow a remote attacker to conduct a cross-site scriptingnbsp;(XSS) attack against a user of the affected interface or hijack a valid session I...

Multiple Vulnerabilities in Cisco Data Center Network Manager Software

Multiple vulnerabilities in Cisconbsp;Data Center Network Managernbsp;(DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content in...

Cisco WebEx Event Center Information Disclosure Vulnerability

A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is due to a design flaw in the product.

An attacker could execute a query on an Event Center site to ...

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation...

A vulnerability in certain system script files that are installed at boot time on Cisconbsp;Application Policy Infrastructure Controllers could allow an authenticated, local attacker to gain elevated privileges and execute arbitrary commands with ...

Cisco Meeting Server Denial of Service Vulnerability

A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could allow an authenticated, remote attacker to cause the system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to video calls being made on sy...