Cisco Advisories

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the un...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Co...

T1598

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request ...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker ...

T1190 T1059

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability

A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privilege...

T1548

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow a remote attacker to conduct a cro...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 2d ago

Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypas...

T1556

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco 3d ago

Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to...

T1059

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Denial of Service Vulnerability

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected ...

T1498 T1598

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulner...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remo...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability

A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Ca...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security ...

T1498

Cisco Advisories →