Cisco Vulnerabilities

Cisco Industrial Ethernet 2000 Series Switches CIP Denial of Service Vulnerability

A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) ...

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017

On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities.

The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for Novemb...

Cisco WebEx Browser Extension Remote Code Execution Vulnerability

A vulnerability in Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system.

This vulnerability affects the browser e...

Cisco Mobility Express 2800 and 3800 802.11 Denial of Service Vulnerability

A vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections a...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affect...

Cisco Mobility Express 2800 and 3800 Denial of Service Vulnerability

A vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. The vulnerabi...

Cisco ASR 5000 Software ipsecmgr Process IKE Packet Parsing Denial of...

For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to consult the advisories for Cisco products, which are available from the Cisco Security ...

Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service...

A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a ...

Cisco IOS XR Software HTTP 2.0 Request Handling Event Service Daemon...

A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) con...

Cisco ASR 5000 Series IPv6 Packet Processing Denial of Service Vulnerability

A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Uni...

Cisco FireAMP Connector Endpoint Software Denial of Service Vulnerability

A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a ...

Cisco IOS and IOS XE Software SSH X.509 Authentication Bypass Vulnerability

A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected s...