Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-1890

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-04 Jul, 2019 | 20:00
Updated At-21 Nov, 2024 | 19:20
Rejected At-
Credits

Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:04 Jul, 2019 | 20:00
Updated At:21 Nov, 2024 | 19:20
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco NX-OS System Software in ACI Mode 11.0.1b
Versions
Affected
  • From unspecified before 14.1(2g) (custom)
Problem Types
TypeCWE IDDescription
CWECWE-284CWE-284
Type: CWE
CWE ID: CWE-284
Description: CWE-284
Metrics
VersionBase scoreBase severityVector
3.07.4HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Version: 3.0
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass
vendor-advisory
x_refsource_CISCO
http://www.securityfocus.com/bid/109052
vdb-entry
x_refsource_BID
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: http://www.securityfocus.com/bid/109052
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass
vendor-advisory
x_refsource_CISCO
x_transferred
http://www.securityfocus.com/bid/109052
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/109052
Resource:
vdb-entry
x_refsource_BID
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:04 Jul, 2019 | 20:15
Updated At:16 Oct, 2020 | 15:09

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Secondary3.07.4HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Primary2.03.3LOW
AV:A/AC:L/Au:N/C:N/I:P/A:N
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: Secondary
Version: 3.0
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Type: Primary
Version: 2.0
Base score: 3.3
Base severity: LOW
Vector:
AV:A/AC:L/Au:N/C:N/I:P/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>application_policy_infrastructure_controller>>7.3\(0\)zn\(0.113\)
cpe:2.3:a:cisco:application_policy_infrastructure_controller:7.3\(0\)zn\(0.113\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>9432pq>>-
cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>9536pq>>-
cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>9636pq>>-
cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>9736pq>>-
cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9432c-s>>-
cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9464px>>-
cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9464tx2>>-
cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9564px>>-
cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9564tx>>-
cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9636c-r>>-
cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9636c-rx>>-
cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x97160yc-ex>>-
cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9732c-ex>>-
cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9732c-fx>>-
cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9736c-ex>>-
cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9736c-fx>>-
cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>n9k-x9788tc-fx>>-
cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_92160yc-x>>-
cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93108tc-ex>>-
cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93108tc-fx>>-
cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93120tx>>-
cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_9316d-gx>>-
cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93180yc-ex>>-
cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93180yc-fx>>-
cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93216tc-fx2>>-
cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93240yc-fx2>>-
cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_9332c>>-
cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93360yc-fx2>>-
cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_9336c-fx2>>-
cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_9348gc-fxp>>-
cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_93600cd-gx>>-
cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>nexus_9364c>>-
cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>x9636q-r>>-
cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-284Secondaryykramarz@cisco.com
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/109052ykramarz@cisco.com
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypassykramarz@cisco.com
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/109052
Source: ykramarz@cisco.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

180Records found
CVE-2021-1228
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.06% / 19.04%
||
7 Day CHG~0.00%
Published-24 Feb, 2021 | 19:30
Updated-08 Nov, 2024 | 23:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability

A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_93108tc-exnx-osnexus_9372pxnexus_9364c-gxnexus_9508nexus_93108tc-fx-24nexus_92304qcnexus_93120txnexus_92160yc-xnexus_93128txnexus_9316d-gxnexus_9336pq_aci_spinenexus_93108tc-ex-24nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_9396txnexus_93180yc-fx3snexus_9332cnexus_9364cnexus_92300ycnexus_92348gc-xnexus_9336c-fx2nexus_9348gc-fxpnexus_9272qnexus_93180yc-fx-24nexus_9336c-fx2-enexus_9396pxnexus_93216tc-fx2nexus_93240yc-fx2nexus_93180yc-fxnexus_9372txnexus_93180yc-exnexus_93600cd-gxnexus_9000vnexus_9372px-enexus_9236cnexus_93180yc-fx3nexus_93180yc-ex-24Cisco NX-OS System Software in ACI Mode 11.0(1b)
CWE ID-CWE-284
Improper Access Control
CVE-2020-3418
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 21.26%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability

A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control list (ACL) being applied prior to RUN state. An attacker could exploit this vulnerability by connecting to the associated service set identifier (SSID) and sending ICMPv6 traffic. A successful exploit could allow the attacker to send ICMPv6 traffic prior to RUN state.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-l-ccatalyst_9800-40catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-284
Improper Access Control
CVE-2019-1695
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.05% / 16.46%
||
7 Day CHG~0.00%
Published-03 May, 2019 | 15:10
Updated-21 Nov, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_2140firepower_2120adaptive_security_appliance_softwarefirepower_2130firepower_2110firepower_threat_defenseCisco Firepower Threat Defense (FTD) SoftwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-284
Improper Access Control
CVE-2019-1690
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.11% / 29.26%
||
7 Day CHG~0.00%
Published-11 Mar, 2019 | 22:00
Updated-21 Nov, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300nexus_93180lc-exfirepower_4150nexus_56128pnexus_9332pqnexus_3172tqnexus_93108tc-exnexus_3636c-rnexus_9508firepower_2130nexus_93120txapplication_policy_infrastructure_controllerfirepower_4110nexus_93128txnexus_9336pq_aci_spineucs_6400firepower_2110firepower_4145nexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cnexus_3164qnexus_92348gc-xnexus_3172tq-32tnexus_5020nexus_9336c-fx2nexus_3524-xnexus_3132c-znexus_31108tc-vnexus_5548pnexus_9348gc-fxpnexus_5648qnexus_3172nexus_9272qnexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_5672upnexus_93180yc-fxnexus_3264qfirepower_4140nexus_3432d-snexus_34180ycnexus_9000vmds_9509nexus_31108pc-vnexus_5596upfirepower_4115nexus_3524nexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_5696qnexus_92304qcnexus_92160yc-xucs_6248upfirepower_4125mds_9100nexus_9504nexus_3048nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlucs_6324nexus_9396txfirepower_4120nexus_7000nexus_92300ycnexus_3064ucs_6332nexus_3232cnexus_5548upnexus_9396pxfirepower_2120ucs_6296upnexus_5010nexus_5596tnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_5624qnexus_3548-xfirepower_4112nexus_3132q-xlnexus_3064-tfirepower_2140mds_9710nexus_3172tq-xlnexus_3408-snexus_93180yc-exnexus_9372px-enexus_9236cnexus_9516mds_9134nexus_3172pq-xlnexus_7700Cisco Application Policy Infrastructure Controller (APIC)
CWE ID-CWE-284
Improper Access Control
CVE-2020-26141
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.32% / 54.49%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:42
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.

Action-Not Available
Vendor-alfan/aSiemens AGCisco Systems, Inc.
Product-6gk5788-1gd00-0aa0meraki_mx67wmeraki_mr84_firmware6gk5748-1fc00-0aa0meraki_mr536gk5786-1fc00-0aa0ip_phone_88616gk5774-1fx00-0aa06gk5748-1gd00-0ab0_firmware6gk5786-2fc00-0ac06gk5734-1fx00-0aa0_firmware6gk5788-2gd00-0ta0_firmwaremeraki_z36gk5774-1fy00-0ta06gk5722-1fc00-0ac0_firmware6gk5778-1gy00-0tb0meraki_mr70_firmwaremeraki_gr60_firmware6gk5788-2gd00-0tb0_firmwaremeraki_z3c6gk5788-2gd00-0aa06gk5722-1fc00-0ab06gk5788-1gd00-0aa0_firmware6gk5778-1gy00-0aa0_firmwaremeraki_mr70meraki_mr26_firmwareip_phone_8865_firmware6gk5734-1fx00-0aa0ip_phone_88656gk5788-2gd00-0ab0_firmwaremeraki_mr53_firmwaremeraki_mr556gk5748-1gd00-0aa0_firmware6gk5722-1fc00-0aa0_firmwaremeraki_mr33_firmware6gk5722-1fc00-0ac06gk5786-2fc00-0ac0_firmware6gk5761-1fc00-0aa0_firmwaremeraki_mx68cw_firmwaremeraki_mr76_firmwaremeraki_mr52meraki_mr34_firmwaremeraki_mr346gk5774-1fx00-0ab0_firmware6gk5774-1fx00-0ab6_firmwareip_phone_6861_firmware6gk5788-1fc00-0aa0_firmwaremeraki_mx65w_firmwarewireless_ip_phone_88216gk5788-1gd00-0ab0_firmwarewireless_ip_phone_8821_firmware6gk5734-1fx00-0ab6_firmwaremeraki_mr42webex_room_series_firmwaremeraki_mr206gk5786-1fc00-0ab0_firmware6gk5786-2fc00-0aa0_firmware6gk5722-1fc00-0aa06gk5761-1fc00-0ab0_firmwarewebex_wireless_phone_840_firmware6gk5748-1fc00-0ab06gk5774-1fx00-0ab66gk5774-1fy00-0tb0meraki_mr44meraki_mr12meraki_mr66_firmwaremeraki_mr86meraki_mr36_firmwarewebex_desk_series6gk5734-1fx00-0aa6_firmwaremeraki_mr32_firmwaremeraki_mr45_firmware6gk5788-2gd00-0aa0_firmware6gk5786-1fc00-0ab0meraki_z3c_firmwaremeraki_mr42_firmware6gk5738-1gy00-0aa0meraki_mr46eip_conference_phone_8832_firmware6gk5786-2hc00-0ab0meraki_mr62_firmware6gk5748-1gd00-0ab06gk5748-1fc00-0ab0_firmware6gk5734-1fx00-0aa66gk5761-1fc00-0ab0meraki_gr10_firmware6gk5738-1gy00-0ab06gk5788-2gd00-0tb0meraki_mr326gk5788-2fc00-0aa06gk5788-2fc00-0ac0_firmwaremeraki_mx68w6gk5734-1fx00-0ab0meraki_mr45webex_wireless_phone_860_firmwaremeraki_mx65wip_phone_8861_firmware6gk5774-1fx00-0aa0_firmwaremeraki_mr336gk5788-2fc00-0ac0meraki_mr53eawus036h_firmware6gk5788-2gd00-0ta06gk5778-1gy00-0tb0_firmware6gk5786-2fc00-0ab0_firmwaremeraki_mr76meraki_mr53e_firmware6gk5778-1gy00-0ta0meraki_mr46e_firmwaremeraki_mx68w_firmwaremeraki_mr46_firmwaremeraki_z3_firmwarewebex_board_series6gk5786-2fc00-0ab0webex_wireless_phone_860meraki_mr12_firmware6gk5774-1fx00-0aa66gk5738-1gy00-0ab0_firmwaremeraki_mr84meraki_mx67cw6gk5778-1gy00-0ab0_firmware6gk5778-1gy00-0aa06gk5721-1fc00-0aa06gk5778-1gy00-0ab06gk5786-2hc00-0aa0_firmware6gk5778-1gy00-0ta0_firmwaremeraki_mr18_firmware6gk5734-1fx00-0ab0_firmware6gk5788-2gd00-0tc06gk5721-1fc00-0ab0_firmware6gk5748-1gd00-0aa06gk5788-2fc00-0aa0_firmware6gk5748-1fc00-0aa0_firmware6gk5761-1fc00-0aa06gk5774-1fx00-0ab06gk5738-1gy00-0aa0_firmware6gk5788-2gd00-0ab0meraki_mr72_firmware6gk5786-2fc00-0aa06gk5774-1fy00-0ta0_firmwaremeraki_mr20_firmwareip_phone_68616gk5721-1fc00-0ab0meraki_gr60meraki_mx68cw6gk5722-1fc00-0ab0_firmware6gk5788-1fc00-0aa0meraki_mr62webex_board_series_firmwaremeraki_mr52_firmware6gk5786-2hc00-0ab0_firmwaremeraki_mr42ewebex_desk_series_firmwaremeraki_mr186gk5786-1fc00-0aa0_firmwaremeraki_mr30hwebex_room_series6gk5788-2fc00-0ab0_firmwaremeraki_mx64w_firmware6gk5786-2hc00-0aa0meraki_mx64w6gk5734-1fx00-0ab6meraki_mr56_firmwaremeraki_mr26meraki_mr46meraki_mr56ip_conference_phone_8832meraki_mr86_firmware6gk5774-1fy00-0tb0_firmwaremeraki_mr42e_firmwaremeraki_mr55_firmwaremeraki_mx67cw_firmwaremeraki_mr44_firmware6gk5774-1fx00-0aa6_firmware6gk5721-1fc00-0aa0_firmwaremeraki_mr726gk5788-1fc00-0ab06gk5788-2fc00-0ab0meraki_mr36meraki_mr666gk5788-1fc00-0ab0_firmware6gk5788-1gd00-0ab0meraki_mr74awus036h6gk5788-2gd00-0tc0_firmwarewebex_wireless_phone_840meraki_mr30h_firmwaremeraki_mr74_firmwaremeraki_mx67w_firmwaremeraki_gr10n/a
CWE ID-CWE-354
Improper Validation of Integrity Check Value
CVE-2018-0247
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.46% / 63.31%
||
7 Day CHG~0.00%
Published-02 May, 2018 | 22:00
Updated-29 Nov, 2024 | 15:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of authentication for WebAuth clients in a specific configuration. An attacker could exploit this vulnerability by sending traffic to local network resources without having gone through authentication. A successful exploit could allow the attacker to bypass authentication and pass traffic. This affects Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only: (1) The Access Point (AP) is configured in FlexConnect Mode with NAT. (2) The WLAN is configured for central switching, meaning the client is being assigned a unique IP address. (3) The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection. (4) The client is using WebAuth. This vulnerability does not apply to .1x clients in the same configuration. Cisco Bug IDs: CSCvc79502, CSCvf71789.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-aironet_access_point_softwarewireless_lan_controller_softwareCisco Wireless LAN Controller and Aironet Access Points
CWE ID-CWE-287
Improper Authentication
CVE-2018-0163
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 48.25%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.Cisco Systems, Inc.
Product-5921_embedded_services_router819_hardened_3g1905_serial_integrated_services_router887vagw_3g1240_connected_grid_routerc867vae_integrated_services_router886va-w_integrated_services_router860vae-w_integrated_services_routerc891f_integrated_services_routersc896va_integrated_services_router5940_embedded_services_router1921_integrated_services_routerc897vam-w_integrated_services_router886va_integrated_services_routerstratix_59001906c_integrated_services_router2010_connected_grid_router819_non-hardened_secure_multi-mode_4g_lte_m2m_isr_router892w_integrated_services_routerc881_integrated_services_routerc866vae_integrated_services_router809_industrial_integrated_services_router5915_embedded_service_routerc887vam_integrated_services_routersc887va_integrated_services_routers898_secure_g.shdsl_efm\/atmc888ea_integrated_services_router812_cifi_integrated_services_router886vag_3g_integrated_services_routerc899_secure_gigabit_ethernet888eg_3g_integrated_services_router881_3g_integrated_services_router2921_integrated_services_router888w_integrated_services_router897_multi-mode_vdsl2\/adsl2\+_pots_annex_m3925_integrated_services_routervg350_analog_voice_gatewayc886vaj_integrated_services_router2951_integrated_services_router888-cube_integrated_services_routervg204xm_analog_voice_gateway819_hardened_integrated_services_router887vam-w_integrated_services_router3925e_integrated_services_router887vamg_3g_integrated_services_router861_integrated_services_router812_3g_integrated_services_routerc897va_integrated_services_routerc892fsp_integrated_services_router887va_integrated_services_router886va-cube_integrated_services_routerc886va_integrated_services_routers2911_integrated_services_routerc891fw_integrated_services_router866vae_integrated_services_router891w_integrated_services_routerc898ea_integrated_services_router800_series_routers888e-cube_integrated_services_router1941_integrated_services_router880-voice_integrated_services_router819_hardened_dual_radio_802.11n_wifi_integrated_services_router897_multi-mode_vdsl2\/adsl2\+_potsios1941w_integrated_services_router3945e_integrated_services_routerc897va-m_integrated_services_router887vag_3g_integrated_services_router819_integrated_services_router892_integrated_services_router887va-cube_integrated_services_router887va-w_integrated_services_router819_non-hardened_4g_lte_m2m3945_integrated_services_router881-cube_integrated_services_router881_3g800m_integrated_services_router881_secure_fast_ethernet891_integrated_services_router896_multi-mode_vdsl2\/adsl2\+_isdnc881w_integrated_services_router1120_connected_grid_router891-24x_integrated_services_router888_integrated_services_router2901_integrated_services_router892f-cube_integrated_services_router888e_integrated_services_router2911a_integrated_services_router861w_integrated_services_routerc888_integrated_services_router829_industrial_integrated_services_router867vae_integrated_services_routerc897vaw_integrated_services_router887_multi-mode_vdsl2\/asdl2\+_potsvg3x0_analog_voice_gateway881w_integrated_services_routerCisco IOS
CWE ID-CWE-287
Improper Authentication
CVE-2020-3174
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.10% / 28.86%
||
7 Day CHG~0.00%
Published-26 Feb, 2020 | 16:50
Updated-15 Nov, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txnexus_93128txnexus_9336pq_aci_spinemds_9506nexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cnexus_3164qnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xnexus_3132c-znexus_31108tc-vnexus_9348gc-fxpnexus_3172mds_9718nexus_9272qnexus_3464cmds_9148snexus_93216tc-fx2mds_9513nexus_36180yc-rmds_9148tnexus_93180yc-fxmds_9132tnexus_3264qnexus_3432d-snexus_34180ycnexus_9000vmds_9509nexus_31108pc-vmds_9706nexus_3524mds_9216nexus_3548nexus_3132qnexus_3016mds_9216anexus_9372pxnexus_92304qcnexus_92160yc-xnexus_9504nexus_3048nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlnexus_9396txnexus_3232c_nexus_7000nexus_92300ycnexus_3064nexus_9396pxmds_9222imds_9216inexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_3548-xnexus_3132q-xlnexus_3064-tmds_9710nexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS Software 7.3(2)D1(1d)
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2020-3222
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:41
Updated-15 Nov, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI Unauthenticated Proxy Service Vulnerability

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass access control restrictions on an affected device. The vulnerability is due to the presence of a proxy service at a specific endpoint of the web UI. An attacker could exploit this vulnerability by connecting to the proxy service. An exploit could allow the attacker to bypass access restrictions on the network by proxying their access request through the management network of the affected device. As the proxy is reached over the management virtual routing and forwarding (VRF), this could reduce the effectiveness of the bypass.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software 16.10.1
CWE ID-CWE-17
Not Available
CVE-2020-26140
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.43% / 61.56%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:34
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

Action-Not Available
Vendor-alfan/aIntel CorporationArista Networks, Inc.Siemens AGCisco Systems, Inc.
Product-catalyst_9117_ap_firmwarewebex_room_kit_firmwareip_phone_8861ac_9560_firmwareir829gw-lte-ga-zk9_firmwareac_8265_firmware1100-8pscalance_w786-2_firmwareir829gw-lte-ga-ck9c-100_firmwarecatalyst_9115axe_firmware1109-2p_firmwareproset_ac_9560_firmwaremeraki_z3webex_room_70_single_g2catalyst_9120_ap_firmwareaironet_1562eo-90_firmwareaironet_1810_firmwareac_9560killer_wi-fi_6_ax1650_firmwareaironet_2800i_firmwaremeraki_gr60_firmwareproset_wireless_7265_\(rev_d\)aironet_17021101-4p_firmwareir829gw-lte-vz-ak9aironet_3800p_firmwarecatalyst_9124axicatalyst_9115axiaironet_2702aironet_4800catalyst_9117aximeraki_mr70c-110aironet_3800proset_wi-fi_6_ax201_firmwaremeraki_mr55catalyst_iw6300_firmwarewebex_dx70_firmwaremeraki_mr33_firmwarescalance_w748-1_firmwaremeraki_mx68cw_firmwarewebex_board_85s_firmwarec-110_firmwaremeraki_mr34_firmwaremeraki_mr52aironet_1562d_firmwareir829-2lte-ea-bk9scalance_w1750daironet_3800iwebex_room_70_dual_firmwareaironet_1810w_firmwareir829gw-lte-ga-sk9_firmwarescalance_w774-1aironet_1552hmeraki_mx65w_firmwarescalance_w1788-1webex_room_55_dualcatalyst_9120axp_firmwareaironet_1815_firmwarescalance_w786-1meraki_mr42proset_ac_9560c-235c-230c-200_firmwaremeraki_mr86meraki_mr36_firmwarecatalyst_9120axe_firmwareproset_ac_9260_firmwaremeraki_mr32_firmwarec-230_firmwareir829gw-lte-ga-ck9_firmwarewi-fi_6_ax200_firmwareaironet_3800e_firmwaremeraki_mr42_firmwareproset_ac_9462_firmwarewebex_room_kit_mini_firmwaremeraki_mr46eproset_wireless_7265_\(rev_d\)_firmwareaironet_1532killer_wi-fi_6e_ax1675ir829gw-lte-vz-ak9_firmwarecatalyst_9117axi_firmwarewebex_room_70_dual_g2_firmwareir829-2lte-ea-ak9_firmwareproset_wi-fi_6e_ax210_firmwaremeraki_gr10_firmwareaironet_1542i_firmwarescalance_w761-1aironet_1572webex_room_kitmeraki_mr32scalance_w722-1_firmwareaironet_1852meraki_mx68wesw-6300-con-x-k9catalyst_iw6300_dcw_firmwarescalance_wam766-1_6ghz_firmwarecatalyst_9105axiaironet_2800e_firmwarescalance_wam763-1_firmwarescalance_w734-1_firmwareaironet_1552c-235_firmware1109-4pip_phone_8861_firmwaremeraki_mr33webex_board_70saironet_3800_firmwareawus036h_firmwareaironet_3702webex_room_kit_miniaironet_1800i_firmwarecatalyst_iw6300_dcwesw-6300-con-x-k9_firmwaremeraki_mr76catalyst_iw6300_acmeraki_mr53e_firmwareaironet_18421100-8p_firmwareproset_ac_3165scalance_w788-1_firmwarecatalyst_iw6300_ac_firmwaremeraki_mr46e_firmwaremeraki_mx68w_firmwarekiller_wi-fi_6e_ax1675_firmwaremeraki_mr46_firmwarewebex_dx80scalance_w1788-2_firmwarecatalyst_9130_approset_ac_9462meraki_mr12_firmwareaironet_1542iaironet_1842_firmwareaironet_3800pwebex_room_55_firmwaremeraki_mr84meraki_mx67cwir829gw-lte-ga-zk9ip_phone_8821_firmwarecatalyst_9120axpaironet_2800_firmwareac_8260_firmwarec-250webex_board_55_firmware1100_firmwarescalance_wum763-1_firmwarescalance_w1748-1w-118meraki_mr20_firmwarec-100scalance_w734-1ip_phone_6861scalance_w774-1_firmwarescalance_wum763-1proset_ac_9260catalyst_9105_firmwaremeraki_mx68cwproset_ac_8260catalyst_9120axi_firmwarewebex_room_55_dual_firmwarescalance_w721-1_firmwaremeraki_mr52_firmwarecatalyst_9115_approset_wi-fi_6e_ax210scalance_w1788-2ia_firmwarescalance_wum766-1_6ghzscalance_w721-1meraki_mr46meraki_mr56catalyst_9130_ap_firmwarecatalyst_9130_firmwarescalance_w748-11109-2pwebex_room_55catalyst_9120axemeraki_mr42e_firmwarekiller_wi-fi_6_ax1650meraki_mr55_firmwarekiller_ac_1550_firmwareir829-2lte-ea-ek9catalyst_9115axi_firmwareir829-2lte-ea-ek9_firmwarescalance_w786-2ia_firmwarew-118_firmwareproset_ac_8260_firmwareaironet_1815i_firmwarecatalyst_9117aironet_1572_firmwaremeraki_mr72webex_room_70c-65_firmwarecatalyst_9130axiaironet_2800webex_dx80_firmwarescalance_w778-1_firmwarescalance_w788-2_firmwarec-120_firmwareawus036hcatalyst_9115_firmwareproset_ac_9461_firmwareaironet_1562e_firmwarec-75meraki_mr74_firmwaremeraki_mx67w_firmwaremeraki_gr10aironet_1810aironet_1562imeraki_mx67wmeraki_mr84_firmwaremeraki_mr53ip_phone_8832scalance_w761-1_firmware1100-4p_firmwareaironet_iw3702_firmwarecatalyst_9105axwesw6300aironet_1832_firmwareaironet_3702_firmwarescalance_wum766-1scalance_w1750d_firmwarescalance_wam766-1_6ghzproset_ac_8265aironet_1552_firmwarecatalyst_9130axe_firmwarewebex_dx70c-130_firmwarec-120meraki_mr70_firmwareaironet_2800icatalyst_9105axi_firmwaremeraki_z3ccatalyst_iw6300_dc_firmwareac_9260_firmwarew-68aironet_1832aironet_1815icatalyst_9120_apmeraki_mr26_firmwareip_phone_8865_firmwareaironet_4800_firmwareip_phone_8865meraki_mr53_firmwareip_phone_8832_firmwaremeraki_mr76_firmwaremeraki_mr34ip_phone_6861_firmwareaironet_1562i_firmwarescalance_w1788-2iaaironet_1800imeraki_mr20scalance_w786-2o-105aironet_1560ir829gw-lte-na-ak9_firmwaremeraki_mr44meraki_mr12meraki_mr66_firmwarecatalyst_9130axi_firmwarescalance_wum766-1_firmwarewi-fi_6_ax200meraki_mr45_firmwarescalance_w778-1webex_room_70_single_firmwarescalance_w1788-1_firmwarescalance_w738-1_firmwaremeraki_z3c_firmwareproset_ac_8265_firmware1101-4paironet_ap803_firmwareir829gw-lte-ga-ek9aironet_1800c-65catalyst_9124_firmware1100-4pmeraki_mr62_firmwarescalance_w1748-1_firmwareesw6300_firmwarecatalyst_9130c-75_firmwareaironet_1562dscalance_wum766-1_6ghz_firmwarecatalyst_9115_ap_firmwareo-105_firmwarescalance_w786-2iameraki_mr45catalyst_9120axiscalance_wam763-1ir829gw-lte-na-ak9catalyst_9115axewebex_room_70_firmwareproset_ac_3165_firmwaremeraki_mx65wc-260_firmwarewi-fi_6_ax201catalyst_9124axd_firmwarewebex_board_55sscalance_wam766-1_firmwarec-130meraki_mr53eaironet_1542d_firmwarecatalyst_9105scalance_w738-1scalance_w1788-2proset_ac_3168c-2001109-4p_firmwarecatalyst_iw6300wi-fi_6_ax201_firmwarewebex_board_70aironet_1810waironet_iw3702scalance_w722-1ir829-2lte-ea-bk9_firmwarecatalyst_9130axemeraki_z3_firmwarecatalyst_9105axw_firmwarecatalyst_9117_firmwarec-250_firmwarewebex_room_70_single_g2_firmwarewebex_board_55aironet_1560_firmwarescalance_w786-1_firmwarecatalyst_iw6300_dcaironet_1815webex_board_85sc-260webex_room_70_dualaironet_1852_firmwareac_8265proset_ac_3168_firmwarecatalyst_9124axi_firmwareo-90webex_room_70_dual_g2meraki_mr72_firmwarecatalyst_9120_firmwareaironet_ap803meraki_gr60aironet_2702_firmwarescalance_w788-1catalyst_9117_apmeraki_mr62aironet_2800eaironet_1800_firmwaremeraki_mr42ekiller_ac_1550aironet_1702_firmwaremeraki_mr30hmeraki_mx64w_firmwarewebex_room_70_singlecatalyst_9124webex_board_70_firmwaremeraki_mx64wmeraki_mr56_firmwarew-68_firmwaremeraki_mr26aironet_3800ewebex_board_55s_firmwaremeraki_mr86_firmware1100meraki_mx67cw_firmwareaironet_3800i_firmwareac_8260scalance_wam766-1meraki_mr44_firmwareproset_wi-fi_6_ax201scalance_w788-2proset_wi-fi_6_ax200ir829-2lte-ea-ak9ip_phone_8821catalyst_9115ir829gw-lte-ga-sk9aironet_1542dcatalyst_9120meraki_mr36meraki_mr66catalyst_9124axdaironet_1552h_firmwareproset_wi-fi_6_ax200_firmwaremeraki_mr74ac_9260webex_board_70s_firmwaremeraki_mr30h_firmwareproset_ac_9461ir829gw-lte-ga-ek9_firmwareaironet_1532_firmwaren/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2022-20931
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.82%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 15:30
Updated-31 Jul, 2025 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Touch 10 Device Downgrade Attack Vulnerability

A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device. This vulnerability is due to insufficient version control. An attacker could exploit this vulnerability by installing an older version of Cisco TelePresence CE Software on an affected device. A successful exploit could allow the attacker to take advantage of vulnerabilities in older versions of the software.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-telepresence_collaboration_endpointCisco TelePresence Endpoint Software (TC/CE)
CWE ID-CWE-527
Exposure of Version-Control Repository to an Unauthorized Control Sphere
CVE-2019-1758
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.22% / 44.60%
||
7 Day CHG~0.00%
Published-28 Mar, 2019 | 00:20
Updated-21 Nov, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iosCisco IOS Software
CWE ID-CWE-287
Improper Authentication
CVE-2017-12213
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-07 Sep, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dynamic ACL assignment to fail and the port to fail open. This could allow the attacker to pass traffic to the default VLAN of the affected port. The vulnerability is due to an uncaught error condition that may occur during the reassignment of the auth-default-ACL dynamic ACL to a switch port after 802.1x authentication fails. A successful exploit of this issue could allow a physically adjacent attacker to bypass 802.1x authentication and cause the affected port to fail open, allowing the attacker to pass traffic to the default VLAN of the affected switch port. Cisco Bug IDs: CSCvc72751.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_4000ios_xeCisco Catalyst 4000 Series Switches
CWE ID-CWE-287
Improper Authentication
CVE-2023-20260
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.72%
||
7 Day CHG~0.00%
Published-17 Jan, 2024 | 16:57
Updated-13 Nov, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-prime_infrastructureevolved_programmable_network_managerCisco Prime InfrastructureCisco Evolved Programmable Network Manager (EPNM)
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2023-20261
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 32.25%
||
7 Day CHG-0.02%
Published-18 Oct, 2023 | 16:27
Updated-12 Jun, 2025 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_sd-wan_managerCisco SD-WAN vManage
CWE ID-CWE-284
Improper Access Control
CVE-2023-20267
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4||MEDIUM
EPSS-0.01% / 0.99%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:16
Updated-21 Nov, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-284
Improper Access Control
CVE-2016-1474
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.43% / 61.55%
||
7 Day CHG~0.00%
Published-08 Aug, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuw65846, a different vulnerability than CVE-2015-6434.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-prime_infrastructuren/a
CWE ID-CWE-284
Improper Access Control
CVE-2023-20191
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.03% / 7.84%
||
7 Day CHG~0.00%
Published-13 Sep, 2023 | 16:41
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incomplete support for this feature. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. There are workarounds that address this vulnerability. This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication .

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-20065
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.45%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3850asr_907catalyst_9500hcatalyst_3850-16xs-scatalyst_3850-48pw-sasr_1000-esp200-xcatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_routercg522-easr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dasr_1000-esp100-xcatalyst_9300l-48t-4x-aasr_920-12sz-imcatalyst_8300catalyst_8500-4qccatalyst_3850-48u-lcatalyst_9800-80_wireless_controlleress-3300-ncp-acatalyst_8300-1n1s-6t8101-32fhcatalyst_9300l-24t-4g-easr_920-12cz-a_rcatalyst_3850-48xscatalyst_9800-clcatalyst_9300-48p-e1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-eess-3300-24t-con-e9800-40catalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrcatalyst_9200lcatalyst_3850-24xucatalyst_9300-48uxm-e1109_integrated_services_routercatalyst_9400catalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_9600_supervisor_engine-1ess-3300-24t-con-acatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-48u-aasr_902u1100-4p_integrated_services_routerasr_903asr_9920asr_9906catalyst_ie3200_rugged_switchcatalyst_3850-48t-ecg418-e1101_integrated_services_routerasr_920-24tz-m_r8101-32hasr_920-24sz-m_ress-3300-24t-ncp-acatalyst_3850-12s-sasr_9010asr_920-4sz-d_rcatalyst_3850-24u-sasr_99021100_integrated_services_routerasr_901-4c-ft-dcatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aess-3300-24t-ncp-easr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr_901s-3sg-f-ah4221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_9300-48s-easr_1002-xasr_920-12cz-d_r8800_18-slotcatalyst_9300lcatalyst_ie3400_rugged_switch4451-x_integrated_services_routercatalyst_3850-48p-scatalyst_ie9300catalyst_8510csrasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200asr_1000-esp100catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500asr_920u-12sz-im8831catalyst_3850-24t-easr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_ie3300_rugged_switchasr_1000catalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-easr_9148202catalyst_3850-24p-scatalyst_3850-24u9800-lcatalyst_9300l_stackasr_920-12cz-dcatalyst_9300l-24p-4g-easr_920-4sz-d111x_integrated_services_routercatalyst_9800-l8201-32fhasr_1013catalyst_8540msrasr_920-24sz-imcatalyst_3850-nm-2-40gcbr-8catalyst_9300lmcatalyst_9300-24t-easr_9000vcatalyst_3850-48t-scatalyst_9407rcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200catalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_9300l-48t-4g-aasr_920-24sz-mintegrated_services_virtual_routerasr_920-4sz-acatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-eess-3300-con-aasr_901-6cz-ft-dasr_901-6cz-f-dess-3300-ncp-easr_9000catalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300asr_920-24sz-im_rcatalyst_3850-24xu-s4451_integrated_services_routerasr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1ess-3300-con-ecatalyst_ie3400catalyst_3850-24u-lcatalyst_9300l-24t-4g-a9800-clcatalyst_3850-48f-sasr_901-4c-f-d8800_8-slotasr_1001-hx_rcatalyst_9800-l-ccatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_9300-48uxm-aasr_102388128818catalyst_9300-24p-aasr_1001esr6300catalyst_3850-48xs-easr_9904catalyst_9300-24u-acatalyst_3850-48uasr_1001-hxcatalyst_ie33008102-64hasr_1009-x8201catalyst_9300-24u-easr_901-6cz-f-acatalyst_3850-12x48ucatalyst_9300xcatalyst_9300-48un-aasr_1001-x_rasr_901-6cz-fs-dcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsasr_99038800_4-slotess9300-10x-e4431_integrated_services_router9800-80asr_901-6cz-fs-acatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_router8800_12-slotasr_1001-xasr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-284
Improper Access Control
CVE-2016-1406
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.30% / 52.87%
||
7 Day CHG+0.03%
Published-25 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID CSCuy12409.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-prime_infrastructureevolved_programmable_network_managern/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-1301
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.59%
||
7 Day CHG~0.00%
Published-07 Feb, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software before 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_cx_context-aware_security_softwareprime_security_managern/a
CWE ID-CWE-284
Improper Access Control
CVE-2023-20223
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.17% / 38.62%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:20
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco DNA Center could allow an unauthenticated, remote attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control enforcement on API requests. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-dna_centerCisco Digital Network Architecture Center (DNA Center)
CWE ID-CWE-284
Improper Access Control
CVE-2023-20237
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.05% / 15.27%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:00
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-intersight_virtual_applianceintersight_assistintersight_connected_virtual_applianceintersight_private_virtual_applianceCisco Intersight Virtual Appliance
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2016-1315
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.26%
||
7 Day CHG~0.00%
Published-12 Feb, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote attackers to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug ID CSCux45338.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_appliance_firmewaren/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-1302
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.22% / 45.07%
||
7 Day CHG~0.00%
Published-07 Feb, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.

Action-Not Available
Vendor-zzincn/aSamsungCisco Systems, Inc.Zyxel Networks CorporationSun Microsystems (Oracle Corporation)
Product-nexus_9272qnexus_9504nexus_93120txnexus_93180yc-exnexus_93108tc-exnexus_92304qcnexus_9396txnx-osnexus_9236cnexus_9372txnexus_92160yc-xgs1900-10hp_firmwarenexus_9508nexus_9372pxnexus_9332pqkeymouse_firmwarenexus_9336pq_aci_spinex14j_firmwarenexus_9516opensolarisnexus_93128txnexus_9396pxn/a
CWE ID-CWE-284
Improper Access Control
CVE-2023-20224
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.34%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:43
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-thousandeyes_enterprise_agentCisco ThousandEyes Recorder Application
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2009-2631
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.88% / 74.38%
||
7 Day CHG~0.00%
Published-04 Dec, 2009 | 11:00
Updated-16 Jun, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clientless SSL VPN products break web browser domain-based security models

Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design

Action-Not Available
Vendor-aladdinstonesoftSonicWall Inc.Cisco Systems, Inc.Palo Alto Networks, Inc.
Product-safenet_securewire_access_gatewaye-class_ssl_vpnstonegateadaptive_security_appliancessl_vpnAdaptive Security Appliance Web SSL VPNPAN OS Web SSL VPN
CWE ID-CWE-284
Improper Access Control
CVE-2024-20465
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.09% / 26.71%
||
7 Day CHG~0.00%
Published-25 Sep, 2024 | 16:29
Updated-24 Oct, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs on switched virtual interfaces when an administrator enables and disables Resilient Ethernet Protocol (REP). An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iosIOSios
CWE ID-CWE-284
Improper Access Control
CVE-2024-20302
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.12% / 31.85%
||
7 Day CHG~0.00%
Published-03 Apr, 2024 | 16:21
Updated-11 Apr, 2025 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an authenticated, remote attacker to modify or delete tenant templates on an affected system. This vulnerability is due to improper access controls within tenant security. An attacker who is using a valid user account with write privileges and either a Site Manager or Tenant Manager role could exploit this vulnerability. A successful exploit could allow the attacker to modify or delete tenant templates under non-associated tenants, which could disrupt network traffic.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboard_orchestratorCisco Nexus Dashboard Orchestrator
CWE ID-CWE-284
Improper Access Control
CVE-2024-20279
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:19
Updated-01 Aug, 2025 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-application_policy_infrastructure_controllerCisco Application Policy Infrastructure Controller (APIC)
CWE ID-CWE-284
Improper Access Control
CVE-2024-20397
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.2||MEDIUM
EPSS-0.07% / 21.77%
||
7 Day CHG+0.01%
Published-04 Dec, 2024 | 16:13
Updated-08 Apr, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Image Verification Bypass Vulnerability

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.  This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS SoftwareCisco Unified Computing System (Managed)Cisco NX-OS System Software in ACI Mode
CWE ID-CWE-284
Improper Access Control
CVE-2024-20315
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.03% / 7.85%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:45
Updated-15 Apr, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access resources behind the affected device that were supposed to be protected by a configured ACL.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Softwareios_xr_software
CWE ID-CWE-284
Improper Access Control
CVE-2024-20261
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 16:53
Updated-30 Jul, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Softwarefirepower_management_center
CWE ID-CWE-284
Improper Access Control
CVE-2024-20325
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.07% / 22.33%
||
7 Day CHG~0.00%
Published-21 Feb, 2024 | 16:09
Updated-06 May, 2025 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations on cluster configuration CLI requests. An attacker could exploit this vulnerability by sending a cluster configuration CLI request to specific directories on an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_intelligence_centerCisco Unified Intelligence Centerunified_intelligence_center
CWE ID-CWE-284
Improper Access Control
CVE-2024-20291
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-11.56% / 93.36%
||
7 Day CHG~0.00%
Published-28 Feb, 2024 | 16:16
Updated-30 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device. This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3524-xlnexus_9808nexus_9372px-enexus_93600cd-gxnexus_3000_in_standalone_nx-os_modenexus_9364d-gx2anexus_93108tc-exnexus_9316d-gxnexus_93108tc-fx3pnexus_93180yc-fx3hnexus_9000vnexus_3548-xnexus_93216tc-fx2nexus_3172tq-32tnexus_93360yc-fx2nexus_3172tq-xlnexus_92348gc-xnexus_93240yc-fx2nexus_3464cnexus_31108tc-vnexus_9332cnexus_9804nexus_31128pqnexus_9364c-gxnexus_34180ycnexus_3132q-xlnexus_9336pq_aci_spinenexus_9336c-fx2nexus_3548-xlnexus_93180yc-ex-24nexus_93180yc-exnexus_92300ycnexus_9348d-gx2anexus_9348gc-fxpnexus_3048nexus_9332pqnexus_3524-xnexus_3132c-znexus_9364c-h1nexus_3172tqnexus_3264qnexus_3264c-enexus_9348gc-fx3nexus_31108pc-vnx-osnexus_93108tc-ex-24nexus_9000_in_standalone_nx-os_modenexus_93180yc-fx-24nexus_9364e-sg2nexus_93180yc-fxnexus_9236cnexus_3432d-snexus_9372tx-enexus_3408-snexus_93180yc-fx3snexus_93180lc-exnexus_3164qnexus_9508nexus_9336c-fx2-enexus_3132q-vnexus_93120txnexus_9408nexus_9332d-gx2bnexus_93108tc-fxnexus_9396txnexus_93108tc-fx3nexus_9332d-h2rnexus_9364cnexus_92160yc-xnexus_3172pqnexus_93108tc-fx3hnexus_34200yc-smnexus_36180yc-rnexus_9272qnexus_3232cnexus_93108tc-fx-24nexus_3172pq-xlnexus_92348gc-fx3nexus_92304qcnexus_93180yc-fx3nexus_93400ld-h1Cisco NX-OS Softwarenx-os
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-20283
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.22% / 45.02%
||
7 Day CHG+0.06%
Published-03 Apr, 2024 | 16:25
Updated-07 May, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn cluster deployment information on an affected device. This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerability by sending queries to the API endpoint. A successful exploit could allow an attacker to access metrics and information about devices in the Nexus Dashboard cluster.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboardCisco Nexus Dashboard
CWE ID-CWE-284
Improper Access Control
CVE-2024-20343
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:38
Updated-12 Sep, 2024 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Arbitrary File Read Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the arguments that are passed to a specific CLI command. An attacker could exploit this vulnerability by logging in to an affected device with low-privileged credentials and using the affected command. A successful exploit could allow the attacker access files in read-only mode on the Linux file system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
CVE-2024-20322
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.08% / 24.23%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:43
Updated-05 Aug, 2025 | 14:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access resources behind the affected device that were supposed to be protected by a configured ACL.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8201-32fh-o8122-64ehf-oncs_540-12z20g-sys-a8011-4g24y4h-incs_540-fh-csr-sys8404ncs_57c1-48q6-sysncs_540x-16z8q2c-dios_xrncs_55a1-48q6h8111-32eh-oncs_5502-se8102-64hncs_5516ncs_540x-6z18g-sys-d8101-32h-oncs_5502ncs_55a2-mod-sncs_560-48212-48fh-mncs_55a1-36h-se8201-32fh8201ncs_540-28z4c-sys-dncs_540x-16z4g8q2c-d8608ncs_540-28z4c-sys-ancs_57d2-18dd-sys8202-32fh-mncs_55a2-mod-hd-s8501-sys-mt8700ncs_5508ncs_55a2-mod-se-s8101-32fh-oncs_540x-8z16g-sys-d8202ncs_55a1-24h8101-32fh8818ncs_540-6z14s-sys-dncs_540x-acc-sysncs_540x-6z18g-sys-a8804ncs_540x-8z16g-sys-ancs_560-78122-64eh-o8712-mod-mncs_57b1-6d24-sysncs_540x-16z4g8q2c-ancs_540x-12z16g-sys-dncs_540-6z18g-sys-ancs_540-24z8q2c-sysncs_57c3-mod-sysncs_540-12z20g-sys-dncs_540-fh-aggncs_540-24q2c2dd-sysncs_540x-12z16g-sys-ancs_540x-4z14g2q-dncs_55a1-36h8102-64h-oncs_55a1-24q6h-sncs_540-24q8l2dd-sys88128201-24h8fh8808ncs_55048711-32fh-mncs_540-acc-sysncs_540x-4z14g2q-ancs_5501-sencs_540-6z18g-sys-dncs_57b1-5dse-sysncs_5501ncs_55a1-24q6h-ss8102-28fh-dpu-oCisco IOS XR Softwareios_xr_software
CWE ID-CWE-284
Improper Access Control
CVE-2024-20319
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.02% / 2.73%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:47
Updated-07 Jul, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect UDP forwarding programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by attempting to perform an SNMP operation using broadcast as the destination address that could be processed by an affected device that is configured with an SNMP server. A successful exploit could allow the attacker to communicate to the device on the configured SNMP ports. Although an unauthenticated attacker could send UDP datagrams to the configured SNMP port, only an authenticated user can retrieve or modify data using SNMP requests.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Softwareios_xr
CWE ID-CWE-284
Improper Access Control
CVE-2024-20263
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.02% / 3.16%
||
7 Day CHG~0.00%
Published-26 Jan, 2024 | 17:27
Updated-13 Nov, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. This vulnerability is due to incorrect processing of ACLs on a stacked configuration when either the primary or backup switches experience a full stack reload or power cycle. An attacker could exploit this vulnerability by sending crafted traffic through an affected device. A successful exploit could allow the attacker to bypass configured ACLs, causing traffic to be dropped or forwarded in an unexpected manner. The attacker does not have control over the conditions that result in the device being in the vulnerable state. Note: In the vulnerable state, the ACL would be correctly applied on the primary devices but could be incorrectly applied to the backup devices.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sf550x-48mpcbs250-48t-4x_firmwarecbs350-48t-4gcbs350-24mgp-4x_firmwarecbs350-8xtcbs350-8p-2gcbs350-24xtsg350x-24mpsg550x-48p_firmwarecbs250-8p-e-2g_firmwaresg550x-48tcbs250-48p-4x_firmwarecbs250-24pp-4g_firmwarecbs250-8pp-e-2g_firmwarecbs350-48p-4gcbs350-24xts_firmwaresg350x-48_firmwaresg550xg-8f8t_firmwaresg350xg-24tcbs350-12xt_firmwarecbs350-8xt_firmwarecbs350-48ngp-4x_firmwaresg350x-24_firmwaresg550x-48mp_firmwarecbs350-24t-4x_firmwarecbs350-16t-e-2g_firmwarecbs350-48p-4g_firmwaresf550x-24mp_firmwarecbs350-16p-e-2g_firmwarecbs350-24p-4xcbs250-8pp-dsg350x-24mp_firmwarecbs350-24mgp-4xsf550x-48p_firmwaresg550x-48pcbs250-24fp-4gcbs350-8mgp-2xcbs250-24p-4xcbs350-24p-4gcbs250-16p-2g_firmwarecbs350-24xtssg350x-48mp_firmwaresg550xg-24f_firmwarecbs350-48p-4x_firmwarecbs350-16p-2g_firmwarecbs350-24fp-4g_firmwaresg350x-24cbs250-8t-e-2gcbs350-8mp-2x_firmwarecbs350-8fp-e-2gsf550x-48_firmwarecbs350-12xs_firmwarecbs350-16t-e-2gcbs350-48xt-4xsg550xg-8f8tcbs350-12xtcbs350-24p-4g_firmwaresg550xg-24tcbs350-24t-4xcbs350-24s-4g_firmwarecbs350-48fp-4g_firmwarecbs350-24p-4x_firmwarecbs350-16t-2gcbs250-48pp-4gcbs350-48p-4xcbs350-48t-4x_firmwarecbs250-48t-4gcbs350-24t-4g_firmwarecbs350-48t-4xcbs350-24ngp-4x_firmwarecbs350-48xt-4x_firmwarecbs250-16t-2gcbs350-8t-e-2g_firmwarecbs350-8fp-2g_firmwarecbs350-8mgp-2x_firmwarecbs250-24fp-4xsg550x-24_firmwarecbs350-8fp-2gcbs350-48fp-4gcbs250-48p-4g_firmwarecbs350-8s-e-2gcbs250-48t-4g_firmwaresg350xg-48t_firmwarecbs250-8t-dsf550x-48mp_firmwarecbs250-24p-4g_firmwaresf550x-24_firmwaresg350xg-2f10cbs350-24t-4gcbs250-8t-e-2g_firmwaresf550x-48psg550x-24mppsf550x-24sg350xg-24f_firmwarecbs250-24fp-4g_firmwaresg350x-48cbs350-48fp-4xcbs250-16p-2gcbs250-8fp-e-2g_firmwarecbs350-12xssg550x-24mp_firmwarecbs250-24t-4gcbs250-24p-4x_firmwarecbs350-8t-e-2gsg350xg-24t_firmwarecbs250-48p-4xsg550x-48_firmwaresf550x-24p_firmwaresg350x-24p_firmwarecbs350-24fp-4x_firmwaresg550x-24cbs350-24s-4gcbs250-8pp-e-2gcbs350-16t-2g_firmwaresg350xg-2f10_firmwarecbs250-24p-4gcbs250-24t-4x_firmwarecbs350-8p-e-2g_firmwaresg350xg-48tsf550x-48cbs250-24t-4g_firmwaresg550xg-24fcbs350-24xssg350x-48pcbs250-24fp-4x_firmwarecbs350-8mp-2xsg550x-24mpcbs350-16p-e-2gsg550x-48mpcbs350-8p-2g_firmwarecbs350-16fp-2gcbs350-24ngp-4xsf550x-24pcbs350-8p-e-2gcbs350-48fp-4x_firmwarecbs350-24fp-4xcbs250-24pp-4gsg550x-24p_firmwarecbs250-48pp-4g_firmwarecbs250-8p-e-2gcbs350-24fp-4gsg550x-24psg550xg-24t_firmwaresg550x-48t_firmwaresg350x-48mpcbs350-16fp-2g_firmwarecbs350-48ngp-4xsg550x-48sg350x-48p_firmwarecbs250-8t-d_firmwaresg350x-24pcbs250-48t-4xcbs350-8fp-e-2g_firmwaresf550x-24mpcbs250-24t-4xcbs250-8fp-e-2gcbs350-16p-2gsg550x-24mpp_firmwarecbs350-8s-e-2g_firmwarecbs350-48t-4g_firmwaresg350xg-24fcbs350-12np-4x_firmwarecbs350-24xt_firmwarecbs350-12np-4xcbs250-16t-2g_firmwarecbs350-16xtscbs350-16xts_firmwarecbs250-8pp-d_firmwarecbs250-48p-4gcbs350-24xs_firmwareCisco Small Business Smart and Managed Switches
CWE ID-CWE-284
Improper Access Control
CVE-2024-20373
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.91% / 74.82%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 14:52
Updated-01 Aug, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.  This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials. SNMP with IPv6 ACL configurations is not affected. For more information, see the section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe_sd-wanCisco IOS XE Catalyst SD-WANios_xe_catalyst_sd-wan
CWE ID-CWE-284
Improper Access Control
CVE-2021-34795
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-10||CRITICAL
EPSS-1.26% / 78.54%
||
7 Day CHG~0.00%
Published-04 Nov, 2021 | 15:35
Updated-07 Nov, 2024 | 21:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_pon_switch_cgp-ont-4pv_firmwarecatalyst_pon_switch_cgp-ont-1p_firmwarecatalyst_pon_switch_cgp-ont-4pvcatalyst_pon_switch_cgp-ont-1pcatalyst_pon_switch_cgp-ont-4pvccatalyst_pon_switch_cgp-ont-4pcatalyst_pon_switch_cgp-ont-4pvc_firmwarecatalyst_pon_switch_cgp-ont-4tvcw_firmwarecatalyst_pon_switch_cgp-ont-4tvcwcatalyst_pon_switch_cgp-ont-4p_firmwareCisco Catalyst PON Series
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2020-3284
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.1||HIGH
EPSS-3.82% / 87.67%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:16
Updated-13 Nov, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability

A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-a99-rp2-trncs-5502_firmwarencs-55a1-24q6h-sa9k-rsp5-tr_firmwarencs-55a1-24q6h-s_firmwarencs-55a1-36h-s_firmwarea9k-rsp5-se_firmwaren540-24z8q2c-m_firmwarea9k-rsp880-sencs-55a2-mod-s_firmwarencs1001_firmwarea99-rp3-sea99-rsp-se_firmwarea9k-rsp880-lt-se_firmwarencs-55a2-mod-hx-s_firmwarencs-5501ncs5001ncs-55a2-mod-se-s_firmwarencs-5501-sen540-28z4c-sys-a\/d_firmwarea99-rp2-sea9k-rsp880-lt-sea99-rp3-tr_firmwarencs-55a1-36h-sa99-rsp-sencs-5502-se_firmwarencs-55a2-mod-se-sncs-5501_firmwarea9k-rsp880-lt-tra99-rp3-trn540x-12z16g-sys-a\/d_firmwarea99-rsp-trn540-28z4c-sys-a\/dncs-55a2-mod-sncs-55a1-36h-se-s_firmwaren540-acc-sys_firmwarencs-55a1-24h_firmwarencs55-a1-48q6hncs5001_firmwarea9k-rsp880-tra9k-rsp880-se_firmwarea99-rp3-se_firmwarencs1004n540-acc-sysncs1002_firmwarencs5011ncs1001ncs-5502a99-rp2-tr_firmwarencs5002n540x-16z4g8q2c-a\/dncs-55a2-mod-se-h-s_firmwarea99-rsp-tr_firmwarea9k-rsp5-sencs5002_firmwarencs-55a2-mod-hd-snc55-rp-easr-9901-rpasr-9901-rp_firmwarencs-5501-se_firmwarea9k-rsp880-lt-tr_firmwarencs-55a2-mod-hd-s_firmwarenc55-rpios_xra9k-rsp880-tr_firmwaren560-7-sys_firmwaren540-24z8q2c-mn540-12z20g-sys-a\/dn560-4-sys_firmwarencs-55a2-mod-hx-sn560-7-sysncs1004_firmwaren540x-16z4g8q2c-a\/d_firmwarencs5011_firmwarencs1002ncs55-a1-48q6h_firmwarea99-rp2-se_firmwarenc55-rp-e_firmwarencs-5502-sen560-4-sysncs-55a1-24hncs-55a1-36h-se-sn540-12z20g-sys-a\/d_firmwarea9k-rsp5-trncs-55a2-mod-se-h-snc55-rp_firmwaren540x-12z16g-sys-a\/dCisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
CVE-2021-34794
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.36% / 57.45%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:56
Updated-07 Nov, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5585-x_firmwareasa_5505_firmwareasa_5580_firmwareasa_5515-xasa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5555-xasa_5580asa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5585-xasa_5512-x_firmwareasa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-284
Improper Access Control
CVE-2015-4302
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.70% / 70.96%
||
7 Day CHG~0.00%
Published-19 Aug, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows remote attackers to delete arbitrary system policies via modified parameters in a POST request, aka Bug ID CSCuu25390.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-firesight_system_softwaren/a
CWE ID-CWE-284
Improper Access Control
CVE-2021-34696
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.18% / 40.38%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:25
Updated-07 Nov, 2024 | 21:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco ASR 900 and ASR 920 Series Aggregation Services Routers Access Control List Bypass Vulnerability

A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdasr_920-24sz-m_rasr_920-12cz-aasr_920-24sz-imasr_907asr_920-12cz-d_rasr_920-4sz-d_rasr_920-24sz-mios_xeasr_903asr_920-4sz-aasr_920-12sz-im_rasr_920-12cz-a_rasr_920-10sz-pd_rasr_920-12cz-dasr_920-24sz-im_rasr_902asr_920-12sz-imasr_920-4sz-a_rasr_920-4sz-dasr_920-24tz-m_rasr_920u-12sz-imasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-284
Improper Access Control
CVE-2021-34753
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.06% / 17.06%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 16:14
Updated-07 Aug, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities

A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defense_softwareCisco Firepower Threat Defense Softwarefirepower_threat_defense_software
CWE ID-CWE-284
Improper Access Control
CVE-2021-34724
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.12% / 32.42%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-284
Improper Access Control
CVE-2018-15466
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.60% / 68.61%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 15:00
Updated-19 Nov, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access the Graphite web interface. The attacker would need to have access to the internal VLAN where CPS is deployed. The vulnerability is due to lack of authentication. An attacker could exploit this vulnerability by directly connecting to the Graphite web interface. An exploit could allow the attacker to access various statistics and Key Performance Indicators (KPIs) regarding the Cisco Policy Suite environment.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-policy_suite_for_mobileCisco Policy Suite (CPS) Software
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2018-15459
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.66%
||
7 Day CHG~0.00%
Published-23 Jan, 2019 | 22:00
Updated-20 Nov, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerability

A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. The vulnerability is due to improper controls on certain pages in the web interface. An attacker could exploit this vulnerability by authenticating to the device with an administrator account and sending a crafted HTTP request. A successful exploit could allow the attacker to create additional Admin accounts with different user roles. An attacker could then use these accounts to perform actions within their scope. The attacker would need valid Admin credentials for the device. This vulnerability cannot be exploited to add a Super Admin account.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-284
Improper Access Control
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found