3.1 C
London
Friday, November 17, 2017

Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower...

A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileg...

Cisco Wireless LAN Controller 802.11v Basic Service Set Transition Management Denial...

A vulnerability in the implementation of 802.11v Basic Service Setnbsp;(BSS) Transition Management functionality in Cisconbsp;Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpec...

Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms Extensible...

A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access ...

Cisco Wireless LAN Controller Simple Network Management Protocol Memory Leak Denial...

A vulnerability in the Simple Network Management Protocolnbsp;(SNMP) subsystem of Cisconbsp;Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of servicenbsp;(DoS)...

Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms 802.11...

A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access Point (AP) to reload, ...

Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Smart...

A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be...

Cisco Aironet 3800 Series Access Points Protected Management Frames User Denial...

A vulnerability in the handling of 802.11w Protected Management Framesnbsp;(PAF) by Cisconbsp;Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device. The vul...

Cisco Spark Hybrid Calendar Service Information Disclosure Vulnerability

A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request.

The attacker could use this infor...

Cisco AMP for Endpoints Static Key Vulnerability

On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP For Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local a...

Cisco FXOS and NX-OS System Software Authentication, Authorization, and Accounting Denial...

A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to...

Cisco Expressway Series, Cisco TelePresence Video Communication Server, and Cisco TelePresence...

A vulnerability in the cluster databasenbsp;(CDB) management component of Cisconbsp;Expressway Series Software, Cisconbsp;TelePresence Video Communication Servernbsp;(VCS) Software, and Cisco TelePresence Conductor Software could allow an authe...

Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II

On October 16, 2017, a research paper with the title “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2rdquo; was made publicly available.

This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi P...