Cisco Firepower System Software Server Message Block File Policy Bypass Vulnerability

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version ...

Cisco IOS and IOS XE Software Internet Key Exchange Memory Leak...

A vulnerability in the Internet Key Exchange Version 2nbsp;(IKEv2) module of Cisconbsp;IOS Software and Cisconbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads...

Cisco Smart Install Protocol Misuse

Cisco is aware of a significant increase in Internet scans attempting to detect devices where, after completing setup, the Smart Install feature remains enabled and without proper security controls. This could leave the involved devices susceptible...

Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability

The DHCP relay subsystem of Cisconbsp;IOS and Cisconbsp;IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.

The attacker could also c...

Cisco Aggregation Services Router 9000 Series IPv6 Fragment Header Denial of...

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, re...

Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities

Multiple vulnerabilities in the EnergyWise module of Cisconbsp;IOS and Cisconbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of servic...

Cisco FXOS and NX-OS System Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validatio...

Cisco Unified Communications Manager and Cisco Unified Presence Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Manager and Cisco Unified Presence could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affecte...

Cisco IOS Software Login Enhancements Login Block Denial of Service Vulnerabilities

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. For more inf...

Cisco Enterprise NFV Infrastructure Software Linux Shell Access Vulnerability

A vulnerability innbsp;the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device....

Cisco Meeting Server Media Services Denial of Service Vulnerability

A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisconbsp;Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient ...

Cisco Firepower Threat Defense Software Policy Bypass Vulnerability

A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability...