Saturday, December 16, 2017

Cisco IOS XR Software Local Packet Transport Services Denial of Service...

A vulnerability in the Local Packet Transport Servicesnbsp;(LPTS) ingress frame-processing functionality of Cisconbsp;IOS XR Software could allow an unauthenticated, remote attacker to cause one of the LPTS processes on an affected system to rest...

Cisco Multilayer Director, Nexus 7000 Series, and Nexus 7700 Series Switches...

A vulnerability in Cisconbsp;NX-OS System Software running on Cisconbsp;MDS Multilayer Director Switches, Cisconbsp;Nexus 7000 Series Switches, and Cisconbsp;Nexus 7700 Series Switches could allow an authenticated, local attacker to access the ...

Cisco WebEx Meeting Server Unauthorized Welcome Message Modification Vulnerability

A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. The vulnerability is due to insufficient security settings on meetings.

An attacker cou...

Cisco NX-OS System Software Image Signature Bypass Vulnerability

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. ...

Cisco NX-OS System Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due...

Cisco NX-OS System Software Patch Installation Arbitrary File Write Vulnerability

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process.

An att...

Cisco WebEx Network Recording Player Denial of Service Vulnerability

A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition.

An attacker could exploit this vulnerability by providing a user with a malicious W...

Cisco Nexus Series Switches Open Agent Container Code Execution Vulnerability

A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal securi...

Cisco NX-OS System Software Patch Signature Bypass Vulnerability

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches....

Cisco Network Academy Packet Tracer DLL Preload Vulnerability

An untrusted search path vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installe...

Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The v...

Cisco Email Security Appliance HTTP Response Splitting Vulnerability

A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly san...