Cisco Vulnerabilities

Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service...

A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a ...

Cisco UCS B-Series Blade Servers Denial of Service Vulnerability

A vulnerability in Cisco Unified Computing System (UCS) B-Series blade servers could allow an unauthenticated, local attacker to cause the host operating system or Baseboard Management Controller (BMC) to hang. The vulnerability i...

Cisco FirePOWER 7000 and Cisco FirePOWER 8000 Series Inspection Engine Stall...

A vulnerability in FireSIGHT System Software for Cisco FirePOWER 7000 Series and Cisco FirePOWER 8000 Series devices could allow an unauthenticated, adjacent attacker to cause the inspection engine to stop processing packets. Depen...

Cisco Wireless Residential Gateway Remote Code Execution Vulnerability

A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is d...

Cisco TelePresence Server Cross-Site Request Forgery Vulnerability

A vulnerability in the web interface of Cisco TelePresence Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. The vulnerability is du...

Cisco Secure Access Control Server SSH Login Denial of Service Vulnerability

A vulnerability in the Secure Shell (SSH) feature of the Cisco Secure Access Control Server (ACS) could allow an authenticated, remote attacker to cause a partial denial of service (DoS) condition due to the SSH screen process unex...

Cisco Unified Communications Domain Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Domain Manager (UCDM) Software could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack. The vulnerability is due to insuff...

Cisco Prime Collaboration Assurance SQL Injection Vulnerability

A vulnerability in web framework of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to execute unauthorized SQL queries. The vulnerability is due to a failure to validate user-supplied input that ...

Cisco Unified Communications Manager Unified Reporting Upload Tool Directory Traversal Vulnerability

A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. The vulnerability is du...

Cisco Firepower 9000 Unauthenticated File Access Vulnerability

A vulnerability in the web interface of the Cisco Firepower 9000 Series Switches could allow an unauthenticated, remote attacker to view certain files on the device that should be restricted.   The vulnerability is due to lack...

Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability

A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an unauthenticated, remote attacker to make changes to an affected system system.   The vulnerability is due to improper implem...

Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability

A vulnerability in the web framework of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to access higher-privileged functions. An exploit could allow the attacker to access functions, some of ...