VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,228 total · sorted by risk
  • CVE-2020-3465HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the…

  • CVE-2020-3409HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to…

  • CVE-2020-3390HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload,…

  • CVE-2020-3376HigJul 31, 2020
    risk 0.48cvss 7.3epss 0.01

    A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. The vulnerability is due to a failure in the software to…

  • CVE-2020-3405HigJul 16, 2020
    risk 0.48cvss 7.3epss 0.01

    A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when…

  • CVE-2020-3334HigMay 6, 2020
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to…

  • CVE-2020-3155HigMar 4, 2020
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described…

  • CVE-2012-1326HigJan 15, 2020
    risk 0.48cvss 7.4epss 0.01

    Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks

  • CVE-2019-15982HigJan 6, 2020
    risk 0.48cvss 7.2epss 0.14

    Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these…

  • CVE-2019-15981HigJan 6, 2020
    risk 0.48cvss 7.2epss 0.14

    Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these…

  • CVE-2019-12676HigOct 2, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a…

  • CVE-2019-12665HigSep 25, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered…

  • CVE-2019-12621HigAug 21, 2019
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key for the…

  • CVE-2019-1918HigAug 7, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS-IS area to cause a denial of service (DoS)…

  • CVE-2019-1910HigAug 7, 2019
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS–IS area to cause a denial of service…

  • CVE-2019-1920HigJul 17, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete…

  • CVE-2019-1855HigJul 4, 2019
    risk 0.48cvss 7.3epss 0.02

    A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the…

  • CVE-2019-1849HigMay 16, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The…

  • CVE-2019-1846HigMay 16, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of…

  • CVE-2019-1834HigApr 18, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is connected has port security…

  • CVE-2019-1750HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco…

  • CVE-2019-1749HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) could allow an unauthenticated, adjacent attacker to trigger a reload of an affected device, resulting in a denial of…

  • CVE-2019-1748HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently…

  • CVE-2019-1746HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to…

  • CVE-2019-1617HigMar 11, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to an incorrect…

  • CVE-2019-1595HigMar 6, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an incorrect allocation of…

  • CVE-2019-1594HigMar 6, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication…

  • CVE-2019-1689HigFeb 25, 2019
    risk 0.48cvss 7.3epss 0.02

    A vulnerability in the client application for iOS of Cisco Webex Teams could allow an authenticated, remote attacker to upload arbitrary files within the scope of the iOS application. The vulnerability is due to improper input validation in the client application. An attacker…

  • CVE-2019-1683HigFeb 25, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP)…

  • CVE-2019-1659HigFeb 21, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer (SSL) tunnel established between ISE and PI. The…

  • CVE-2018-0181HigJan 10, 2019
    risk 0.48cvss 7.3epss 0.02

    A vulnerability in the Redis implementation used by the Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent software could allow an unauthenticated, remote attacker to modify key-value pairs for short-lived events stored by the Redis server. The…

  • CVE-2018-0441HigOct 17, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corruption of certain timer…

  • CVE-2018-15373HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The…

  • CVE-2018-0475HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input…

  • CVE-2018-0471HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulnerability is due to incorrect…

  • CVE-2018-0434HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by…

  • CVE-2018-0422HigOct 5, 2018
    risk 0.48cvss 7.3epss 0.01

    A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder…

  • CVE-2018-0263HigJun 7, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. The vulnerability is due to incorrect default configuration of the device, which can expose internal…

  • CVE-2018-0235HigMay 2, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is…

  • CVE-2018-0241HigApr 19, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that…

  • CVE-2018-0165HigMar 28, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition, aka a Memory…

  • CVE-2018-0102HigJan 18, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software attempts to free the same…

  • CVE-2017-12275HigNov 2, 2017
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the implementation of 802.11v Basic Service Set (BSS) Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service…

  • CVE-2014-0691HigOct 24, 2017
    risk 0.48cvss 7.3epss 0.01

    Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643.

  • CVE-2017-3849HigMar 21, 2017
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service…

  • CVE-2016-6474HigDec 14, 2016
    risk 0.48cvss 7.3epss 0.01

    A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system. More Information: CSCuv89417. Known Affected Releases:…

  • CVE-2016-6453HigNov 3, 2016
    risk 0.48cvss 7.3epss 0.01

    A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CSCva46542. Known Affected Releases: 1.3(0.876).

  • CVE-2016-6435MedOct 6, 2016
    risk 0.48cvss 6.5epss 0.37

    The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.

  • CVE-2016-1392HigMay 5, 2016
    risk 0.48cvss 7.4epss 0.01

    Open redirect vulnerability in Cisco Prime Collaboration Assurance Software 10.5 through 11.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuu34121.

  • CVE-2016-1389HigApr 28, 2016
    risk 0.48cvss 7.4epss 0.01

    Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuy44695.

Page 35 of 145