18.5 C
London
Sunday, August 20, 2017

Cisco IOS XR Software Incorrect Permissions Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisconbsp;IOS XR Software could allow an authenticated, local attacker to execute arbitrary code at the root privilege level on an affected system. The vulnerability is due to incorrect permissions t...

Cisco Wide Area Application Services Central Manager Information Disclosure Vulnerability

A vulnerability in the web-based GUI of Cisconbsp;Wide Area Application Servicesnbsp;(WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system. The vulnerability...

Cisco Prime Network Information Disclosure Vulnerability

A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. The vulnerability i...

Cisco Wide Area Application Services Core Dump Denial of Service Vulnerability

A vulnerability in the Server Message Block (SMB) protocol of Cisconbsp;Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due t...

SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE...

The Simple Network Management Protocolnbsp;(SNMP) subsystem of Cisconbsp;IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system ...

Cisco IOS XR Software Local Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges. The vulnerability is due to insufficient input valid...

Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. The vulnerability is due t...

Cisco IOS XR Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. The vulnerability is due to incorrect permission settings on binary files in the affected so...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisconbsp;Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scriptingnbsp;(XSS) attack against a user of the web interface. The vulnerabilit...

Cisco WebEx Network Recording Player Multiple Buffer Overflow Vulnerabilities

Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files.

An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via...

Cisco NX-OS Software Fibre Channel over Ethernet Denial of Service Vulnerability

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process u...

Vulnerability in Samba Affecting Cisco Products: May 2017

On May 24, 2017, the Samba team disclosed a vulnerability in Samba server software that could allow an authenticated attacker to execute arbitrary code remotely on a targeted system. This vulnerability has been assigned CVE ID CV...