Cisco Vulnerabilities

Cisco TelePresence Video Communication Server Expressway TFTP Information Disclosure Vulnerability

A vulnerability in TFTP in Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, remote attacker to obtain unauthorized access to configuration files from the device by using TFTP. The vulner...

Cisco IOS Software IPv6 Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 operation enabled. The ...

Cisco AnyConnect Secure Mobility Client Arbitrary File Move Vulnerability

A vulnerability in interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to move arbitrary files with elevated privileges. The vulnerability is due to mis...

Cisco Hosted Collaboration Mediation Fulfillment SOAP API Sensitive Information Disclosure Vulnerability

A vulnerability in the Simple Object Access Protocol (SOAP) application programming interface (API) of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an authenticated, remote attacker to obtain sensiti...

Cisco Firepower 9000 Unauthenticated File Access Vulnerability

A vulnerability in the web interface of the Cisco Firepower 9000 Series Switches could allow an unauthenticated, remote attacker to view certain files on the device that should be restricted.   The vulnerability is due to lack...

Cisco Unified Communications Manager IM and Presence Service REST API Denial...

A vulnerability in the Representational State Transfer (REST) interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) ...

Multiple Vulnerabilities in ntpd Affecting Cisco Products

Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code or create a deni...

Cisco IOS Software TFTP Server Denial of Service Vulnerability

A vulnerability in the TFTP server feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The TFTP server feature is not enabled by default. Ci...

Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability

A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficie...

Cisco Wide Area Application Services Central Manager Information Disclosure Vulnerability

A vulnerability in the web-based GUI of Cisconbsp;Wide Area Application Servicesnbsp;(WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system. The vulnerability...

Cisco IOS Software for Cisco Catalyst 6500 Series Switches and 7600...

A vulnerability in the ternary content addressable memory (TCAM) share access control list (ACL) functionality of Cisco IOS Software running on Supervisor Engine 720 and Supervisor Engine 32 Modules for Cisco Catalyst 6500 Series Switches and Cisco 760...

Cisco IOS Software DHCP Denial of Service Vulnerability

A vulnerability in the DHCP implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing o...