Filtered by vendor Cisco
Subscriptions
Total
6246 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0416 | 1 Cisco | 1 Cisco 7xx Routers | 2024-11-20 | N/A |
| Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. | ||||
| CVE-1999-0415 | 1 Cisco | 1 Cisco 7xx Routers | 2024-11-20 | N/A |
| The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration. | ||||
| CVE-1999-0293 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
| AAA authentication on Cisco systems allows attackers to execute commands without authorization. | ||||
| CVE-1999-0230 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
| Buffer overflow in Cisco 7xx routers through the telnet service. | ||||
| CVE-1999-0222 | 1 Cisco | 1 Router | 2024-11-20 | N/A |
| Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. | ||||
| CVE-1999-0162 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
| The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | ||||
| CVE-1999-0161 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
| In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. | ||||
| CVE-1999-0160 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
| Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | ||||
| CVE-1999-0159 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
| Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. | ||||
| CVE-1999-0158 | 1 Cisco | 1 Pix Firewall Software | 2024-11-20 | N/A |
| Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known. | ||||
| CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2024-11-20 | N/A |
| Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | ||||
| CVE-1999-0063 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
| Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. | ||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2024-11-20 | N/A |
| Land IP denial of service. | ||||
| CVE-2024-20525 | 1 Cisco | 1 Identity Services Engine | 2024-11-20 | 6.1 Medium |
| A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | ||||
| CVE-2024-20530 | 1 Cisco | 1 Identity Services Engine | 2024-11-20 | 6.1 Medium |
| A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | ||||
| CVE-2024-20531 | 1 Cisco | 1 Identity Services Engine | 2024-11-20 | 5.5 Medium |
| A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side request forgery (SSRF) attack through an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing XML input. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to read arbitrary files on the underlying operating system or conduct an SSRF attack through the affected device. | ||||
| CVE-2024-20538 | 1 Cisco | 1 Identity Services Engine | 2024-11-20 | 6.1 Medium |
| A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface on an affected system to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | ||||
| CVE-2020-26066 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2024-11-19 | N/A |
| A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | ||||
| CVE-2022-20652 | 1 Cisco | 1 Secure Workload | 2024-11-19 | 6.5 Medium |
| A vulnerability in the web-based management interface and in the API subsystem of Cisco Tetration could allow an authenticated, remote attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted HTTP message to the affected system. A successful exploit could allow the attacker to execute commands with root-level privileges. To exploit this vulnerability, an attacker would need valid administrator-level credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | ||||
| CVE-2020-26063 | 1 Cisco | 1 Unified Computing System | 2024-11-18 | 5.4 Medium |
| A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization. The vulnerability is due to improper authorization checks on API endpoints. An attacker could exploit this vulnerability by sending malicious requests to an API endpoint. An exploit could allow the attacker to download files from or modify limited configuration options on the affected system.There are no workarounds that address this vulnerability. | ||||