Vulnerabilities (CVE)

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script c ... A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Show More

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication responses that are sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to an affected device. A successful exploit could allow the attacker to confirm e ... A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication responses that are sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to an affected device. A successful exploit could allow the attacker to confirm existing user accounts, which could be used in further attacks. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Show More

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious script code in a chat window. A successful exploit could allow the attacker to execute arbitrary script code in the ... A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious script code in a chat window. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Show More

A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker t ... A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

Show More

A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system. This vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory tr ... A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system. This vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

Show More

A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacke ... A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacker to execute arbitrary code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve76848, CSCve76856.

Show More

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requ ... A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requests to the affected system via a web browser with the privileges of the user.

Show More

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence Center 10.0(1) and 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuu94862 and CSCuu97936.

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute ... A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.

Show More

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow ... A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797.

Show More

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections in the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious, customized link. A successful exploit could allow t ... A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections in the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious, customized link. A successful exploit could allow the attacker to perform arbitrary actions on the affected device via a web browser and with the privileges of the user.

Show More

A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link or by intercepting a user req ... A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve76835.

Show More

A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking the user of a web application into executing an adverse action. Cisco Bug IDs: CSCve76872.

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus28826.

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit ... Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM&P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823.

Show More

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the at ... A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Show More

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands ... A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.

Show More

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.   This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypa ... A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.   This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device.

Show More

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite ... Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

Show More

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or wri ... A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.

Show More

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A succes ... A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.

Show More

A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occurs when an ACL changes from inactive to active in the running configuration of an affected device. An attacker could exploit this vulnerability by s ... A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occurs when an ACL changes from inactive to active in the running configuration of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. The reverse condition is also true—traffic that should be permitted could be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. Note: This vulnerability applies to both IPv4 and IPv6 traffic as well as dual-stack ACL configurations in which both IPv4 and IPv6 ACLs are configured on an interface.

Show More

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to succes ... A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper separation of authorization domains when using SAML authentication. An attacker could exploit this vulnerability by using valid credentials to successfully authenticate using their designated connection profile (tunnel group), intercepting the SAML SSO token that is sent back from the Cisco ASA device, and then submitting the same SAML SSO token to a different tunnel group for authentication. A successful exploit could allow the attacker to establish a remote access VPN session using a connection profile that they are not authorized to use and connect to secured networks behind the affected device that they are not authorized to access. For successful exploitation, the attacker must have valid remote access VPN user credentials.

Show More

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite ... Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

Show More

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to elevate privileges to root. Cisco has released software updates that address this vulnerability. There are no workarounds that a ... A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to elevate privileges to root. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Show More

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary fi ... A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Show More

A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read that discloses sensitive information. Note: This vulnerability only affects Ci ... A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read that discloses sensitive information. Note: This vulnerability only affects Cisco Webex Desk Hub. There are no workarounds that address this vulnerability.

Show More

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite ... Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account. Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

Show More

A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a legitimate device and responding to the pairing broadcast from an affected device. A successful exploit could allow the attacke ... A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a legitimate device and responding to the pairing broadcast from an affected device. A successful exploit could allow the attacker to access the affected device while impersonating a legitimate device.There are no workarounds that address this vulnerability.

Show More

A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit co ... A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.

Show More

A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have level 15 privileges on the affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted CLI command to an affected device. A successful exp ... A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have level 15 privileges on the affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted CLI command to an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying operating system.

Show More

A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload or stop responding. This vulnerability is due to the incorrect handling of specific ingress traffic when flow control hardware is enabled on the AUX port. An attacker could exploit this vulnerability by reverse telnetting to the AUX port and sending specific data after connecting. A successful exploit could allow the attacke ... A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload or stop responding. This vulnerability is due to the incorrect handling of specific ingress traffic when flow control hardware is enabled on the AUX port. An attacker could exploit this vulnerability by reverse telnetting to the AUX port and sending specific data after connecting. A successful exploit could allow the attacker to cause the device to reset or stop responding, resulting in a denial of service (DoS) condition.

Show More

A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. An attacker could exploit this vulnerability by sending a crafted LISP packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) conditi ... A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. An attacker could exploit this vulnerability by sending a crafted LISP packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Note: This vulnerability could be exploited over either IPv4 or IPv6 transport.

Show More

A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could a ... A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition.

Show More

A vulnerability in the data model interface (DMI) services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list (ACL). This vulnerability is due to improper handling of error conditions when a successfully authorized device administrator updates an IPv4 ACL using the NETCONF or RESTCONF protocol, and the update would reorder access control entries (ACEs) in the updated ACL. An atta ... A vulnerability in the data model interface (DMI) services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list (ACL). This vulnerability is due to improper handling of error conditions when a successfully authorized device administrator updates an IPv4 ACL using the NETCONF or RESTCONF protocol, and the update would reorder access control entries (ACEs) in the updated ACL. An attacker could exploit this vulnerability by accessing resources that should have been protected across an affected device.

Show More

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show tech wireless CLI commands to access configuration details, including passwords. A successful exploit could allow the attacker to access configuration details that they are not authorized to access.

A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, r ... A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.

Show More

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An attacker could exploit this vulnerability by convincing an authenticated user to click a malicious link. A successful exploit could allow the attacker to inject HTML into the browser of an authenticated C ... A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An attacker could exploit this vulnerability by convincing an authenticated user to click a malicious link. A successful exploit could allow the attacker to inject HTML into the browser of an authenticated Cisco Catalyst SD-WAN Manager user.

Show More

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or wri ... A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.

Show More

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Thi vulnerability is due to insufficient authorization enforcement on a specific API. An attacker could exploit this vulnerability by authenticating as a low-privileged user and performing API calls wit ... A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Thi vulnerability is due to insufficient authorization enforcement on a specific API. An attacker could exploit this vulnerability by authenticating as a low-privileged user and performing API calls with crafted input. A successful exploit could allow the attacker to obfuscate legitimate findings in analytics reports or create false indications with alarms and alerts on an affected device.

Show More