Cisco Advisories — FreeIntelHub

Cisco Advisories Vulnerability Disclosure Cisco Apr 1

Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Apr 1

Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypas...

T1556

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Apr 1

Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability

A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privilege...

T1548

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Apr 1

Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 31

Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to...

T1059

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their priv...

T1548 T1598

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remo...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 25

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site ...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Ca...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulner...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability

A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Oracle Mar 25

Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attack...

T1190

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 11

Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability

A vulnerability in the handling of an Egress Packet Network Interface (EPNI) Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Intel Mar 11

Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise (Packaged CCE), Cisco Unified Conta...

T1598

Cisco Advisories →