Cisco Vulnerabilities

Cisco Emergency Responder Directory Traversal Vulnerability

A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the fil...

Cisco Hybrid Media Service Privilege Escalation Vulnerability

A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. The vulnerability is due to incorrect installation and permissi...

Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software...

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms o...

Cisco Security Appliances AsyncOS Software Update Server Certificate Validation Vulnerability

A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticate...

Cisco ASR 5000 Series IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. The vulnerability is due to a race...

Cisco FirePOWER Malware Protection Bypass Vulnerability

A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. The vulnerability is due to out-of-order TCP segments (retransm...

Cisco IOS XR Software HTTP 2.0 Request Handling Event Service Daemon...

A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) con...

Cisco ASR 5000 Series IPv6 Packet Processing Denial of Service Vulnerability

A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Uni...

Cisco FireAMP Connector Endpoint Software Denial of Service Vulnerability

A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a ...

Cisco IOS and IOS XE Software SSH X.509 Authentication Bypass Vulnerability

A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected s...

Cisco Unified Communications Manager Unified Reporting Upload Tool Directory Traversal Vulnerability

A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. The vulnerability is du...

Cisco IOS Frame Forwarding Denial of Service Vulnerability

A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. The vulnerability occurs because the software forwards Layer 2 f...