Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-1467

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-08 Apr, 2021 | 04:06
Updated At-08 Nov, 2024 | 23:26
Rejected At-
Credits

Cisco Webex Meetings for Android Avatar Modification Vulnerability

A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. This vulnerability is due to improper authorization checks. An attacker could exploit this vulnerability by sending a crafted request to the Cisco Webex Meetings client of a targeted user of a meeting in which they are both participants. A successful exploit could allow the attacker to modify the avatar of the targeted user.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:08 Apr, 2021 | 04:06
Updated At:08 Nov, 2024 | 23:26
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco Webex Meetings for Android Avatar Modification Vulnerability

A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. This vulnerability is due to improper authorization checks. An attacker could exploit this vulnerability by sending a crafted request to the Cisco Webex Meetings client of a targeted user of a meeting in which they are both participants. A successful exploit could allow the attacker to modify the avatar of the targeted user.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Webex Meetings
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-284CWE-284
Type: CWE
CWE ID: CWE-284
Description: CWE-284
Metrics
VersionBase scoreBase severityVector
3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-andro-iac-f3UR8frB
vendor-advisory
x_refsource_CISCO
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-andro-iac-f3UR8frB
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-andro-iac-f3UR8frB
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-andro-iac-f3UR8frB
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:08 Apr, 2021 | 04:15
Updated At:07 Nov, 2023 | 03:28

A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. This vulnerability is due to improper authorization checks. An attacker could exploit this vulnerability by sending a crafted request to the Cisco Webex Meetings client of a targeted user of a meeting in which they are both participants. A successful exploit could allow the attacker to modify the avatar of the targeted user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Secondary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
Type: Primary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:P/A:N
CPE Matches

Cisco Systems, Inc.
cisco
>>webex_meetings>>Versions before 41.3(exclusive)
cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:android:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-284Secondaryykramarz@cisco.com
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-andro-iac-f3UR8frBykramarz@cisco.com
Vendor Advisory
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-andro-iac-f3UR8frB
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

371Records found

CVE-2019-1942
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-17 Jul, 2019 | 20:25
Updated-21 Nov, 2024 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Blind SQL Injection Vulnerability

A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data. At the time of publication, this vulnerability affected Cisco ISE running software releases 2.6.0 and prior.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-1906
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.13% / 33.81%
||
7 Day CHG~0.00%
Published-20 Jun, 2019 | 03:10
Updated-21 Nov, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Prime Infrastructure Virtual Domain Privilege Escalation Vulnerability

A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure (PI) could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by manipulating requests sent to an affected PI server. A successful exploit could allow the attacker to change the virtual domain configuration and possibly elevate privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-prime_infrastructureCisco Prime Infrastructure
CWE ID-CWE-264
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1851
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.12% / 30.97%
||
7 Day CHG~0.00%
Published-16 May, 2019 | 01:20
Updated-21 Nov, 2024 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Arbitrary Client Certificate Creation Vulnerability

A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority (CA) Services on ISE. This vulnerability is due to an incorrect implementation of role-based access control (RBAC). An attacker could exploit this vulnerability by crafting a specific HTTP request with administrative credentials. A successful exploit could allow the attacker to generate a certificate that is signed and trusted by the ISE CA with arbitrary attributes. The attacker could use this certificate to access other networks or assets that are protected by certificate authentication.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-285
Improper Authorization
CVE-2019-1765
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.1||HIGH
EPSS-0.13% / 33.36%
||
7 Day CHG~0.00%
Published-22 Mar, 2019 | 20:05
Updated-21 Nov, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IP Phone 8800 Series Path Traversal Vulnerability

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ip_phone_8821-ex_firmwareip_phone_8821ip_conference_phone_8832_firmwareip_phone_8800ip_conference_phone_8832ip_phone_8821_firmwareip_phone_8821-exip_phone_8800_firmwareCisco Wireless IP Phone 8821 and 8821-EXCisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-1679
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.14% / 34.09%
||
7 Day CHG~0.00%
Published-07 Feb, 2019 | 21:00
Updated-21 Nov, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server REST API Server-Side Request Forgery Vulnerability

A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. This type of attack is commonly referred to as server-side request forgery (SSRF). The vulnerability is due to insufficient access controls for the REST API of Cisco Expressway Series and Cisco TelePresence VCS. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the affected server. Versions prior to XC4.3.4 are affected.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-telepresence_conductortelepresence_video_communication_serverCisco TelePresence ConductorCisco Expressway SeriesCisco TelePresence Video Communication Server
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-20151
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.06% / 18.37%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:18
Updated-08 May, 2025 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied. Note: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials. For more information, see the section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XE Catalyst SD-WAN
CVE-2019-12619
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.26% / 49.60%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:25
Updated-15 Nov, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution SQL Injection Vulnerability

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100mvedge-5000vedge-100bvedge-2000sd-wan_firmwarevedge-100vedge-1000vedge_100wmCisco SD-WAN Solution
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-20965
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.02% / 4.72%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 17:44
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to take privileges actions within the web-based management interface. This vulnerability is due to improper access control on a feature within the web-based management interface of the affected system. An attacker could exploit this vulnerability by accessing features through direct requests, bypassing checks within the application. A successful exploit could allow the attacker to take privileged actions within the web-based management interface that should be otherwise restricted. {{value}} ["%7b%7bvalue%7d%7d"])}]]

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-648
Incorrect Use of Privileged APIs
CVE-2018-0284
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.45% / 62.51%
||
7 Day CHG~0.00%
Published-08 Nov, 2018 | 16:00
Updated-26 Nov, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Meraki Local Status Page Privilege Escalation Vulnerability

A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An exploit could allow the attacker to establish an interactive session to the device with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-meraki_z3meraki_z1meraki_msmeraki_mx_15_firmwaremeraki_mx_13_firmwaremeraki_mx_14_firmwaremeraki_ms_9_firmwaremeraki_mrmeraki_mr_24_firmwaremeraki_mxmeraki_mr_25_firmwaremeraki_ms_10_firmwareCisco Meraki M5Cisco Meraki Z3Cisco Meraki Z1Cisco Meraki MRCisco Meraki MX
CWE ID-CWE-264
Not Available
CVE-2018-0196
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.14% / 35.03%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of the affected software. A successful exploit could allow the attacker to write arbitrary files to the operating system of an affected device. Cisco Bug IDs: CSCvb22645.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6774
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.25% / 47.85%
||
7 Day CHG~0.00%
Published-17 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. The vulnerability is due to the inclusion of sensitive system files within specific FTP subdirectories. An attacker could exploit this vulnerability by overwriting sensitive configuration files through FTP. An exploit could allow the attacker to overwrite configuration files on an affected system. Cisco Bug IDs: CSCvd47739. Known Affected Releases: 21.0.v0.65839.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_5000_softwareStarOS for ASR 5000 Series Aggregated Services Routers
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2017-6637
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.14% / 77.50%
||
7 Day CHG~0.00%
Published-22 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected system. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system. Cisco Bug IDs: CSCvc99618.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-prime_collaboration_provisioningCisco Prime Collaboration Provisioning
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-264
Not Available
CVE-2017-6785
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.17% / 38.74%
||
7 Day CHG~0.00%
Published-17 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration. The vulnerability is due to lack of proper Role Based Access Control (RBAC) when certain user configuration changes are requested. An attacker could exploit this vulnerability by sending an authenticated, crafted HTTP request to the targeted application. An exploit could allow the attacker to impact the integrity of the application where one user can modify the configuration of another user's information. Cisco Bug IDs: CSCve27331. Known Affected Releases: 10.5(2.10000.5), 11.0(1.10000.10), 11.5(1.10000.6).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_communications_managerUnified Communications Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6690
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.17% / 38.00%
||
7 Day CHG~0.00%
Published-13 Jun, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected Releases: 21.0.v0.65839 21.3.M0.67005. Known Fixed Releases: 21.4.A0.67087 21.4.A0.67079 21.4.A0.67013 21.3.M0.67084 21.3.M0.67077 21.3.M0.66994 21.3.J0.66993 21.1.v0.67082 21.1.V0.67083.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_5000_softwareasr_5000Cisco StarOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34786
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.21%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:01
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco BroadWorks CommPilot Application Software Vulnerabilities

Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-broadworks_commpilot_application_softwareCisco BroadWorks
CWE ID-CWE-620
Unverified Password Change
CWE ID-CWE-287
Improper Authentication
CVE-2021-1522
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.11% / 30.82%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 17:20
Updated-07 Nov, 2024 | 22:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Connected Mobile Experiences Strong Authentication Requirements Enforcement Bypass

A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. This vulnerability exists because a password policy check is incomplete at the time a password is changed at server side using the API. An attacker could exploit this vulnerability by sending a specially crafted API request to the affected device. A successful exploit could allow the attacker to change their own password to a value that does not comply with the configured strong authentication requirements.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-connected_mobile_experiencesCisco Connected Mobile Experiences
CWE ID-CWE-255
Not Available
CWE ID-CWE-521
Weak Password Requirements
CVE-2021-1399
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.07% / 22.32%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:05
Updated-08 Nov, 2024 | 23:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Unified Communications Manager Self Care Portal Authorization Bypass Vulnerability

A vulnerability in the Self Care Portal of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to modify data on an affected system without proper authorization. The vulnerability is due to insufficient validation of user-supplied data to the Self Care Portal. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to modify information without proper authorization.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_communications_managerCisco Unified Communications Manager
CWE ID-CWE-302
Authentication Bypass by Assumed-Immutable Data
CVE-2020-3308
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.08% / 24.24%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:50
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2018-0393
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 32.71%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 23:00
Updated-29 Nov, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the attacker to make changes to existing policies. Cisco Bug IDs: CSCvi35007.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-mobility_services_engine_3310_firmwaremobility_services_engine_3355_firmwaremobility_services_engine_3310mobility_services_engine_3355mobility_services_engine_3365mobility_services_engine_3365_firmwareCisco Policy Suite unknown
CWE ID-CWE-285
Improper Authorization
CVE-2015-6413
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4||MEDIUM
EPSS-0.17% / 38.69%
||
7 Day CHG~0.00%
Published-13 Dec, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_video_communication_server_softwaren/a
CVE-2009-2631
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.88% / 74.39%
||
7 Day CHG~0.00%
Published-04 Dec, 2009 | 11:00
Updated-16 Jun, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clientless SSL VPN products break web browser domain-based security models

Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design

Action-Not Available
Vendor-aladdinstonesoftSonicWall Inc.Cisco Systems, Inc.Palo Alto Networks, Inc.
Product-safenet_securewire_access_gatewaye-class_ssl_vpnstonegateadaptive_security_appliancessl_vpnAdaptive Security Appliance Web SSL VPNPAN OS Web SSL VPN
CWE ID-CWE-284
Improper Access Control
CVE-2023-20260
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.75%
||
7 Day CHG~0.00%
Published-17 Jan, 2024 | 16:57
Updated-13 Nov, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-prime_infrastructureevolved_programmable_network_managerCisco Prime InfrastructureCisco Evolved Programmable Network Manager (EPNM)
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2023-20224
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.40%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:43
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-thousandeyes_enterprise_agentCisco ThousandEyes Recorder Application
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2023-20230
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.19% / 40.62%
||
7 Day CHG~0.00%
Published-23 Aug, 2023 | 18:21
Updated-01 Oct, 2024 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies (for example, access policies) created by users associated with a different security domain on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy for policies outside the tenant boundaries. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete policies created by users associated with a different security domain. Exploitation is not possible for policies under tenants that an attacker has no authorization to access.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-application_policy_infrastructure_controllerCisco Application Policy Infrastructure Controller (APIC)
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-20191
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.03% / 7.92%
||
7 Day CHG~0.00%
Published-13 Sep, 2023 | 16:41
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incomplete support for this feature. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. There are workarounds that address this vulnerability. This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication .

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-20223
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.17% / 38.60%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:20
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco DNA Center could allow an unauthenticated, remote attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control enforcement on API requests. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-dna_centerCisco Digital Network Architecture Center (DNA Center)
CWE ID-CWE-284
Improper Access Control
CVE-2023-20267
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4||MEDIUM
EPSS-0.01% / 1.02%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:16
Updated-21 Nov, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-284
Improper Access Control
CVE-2023-20261
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 32.24%
||
7 Day CHG~0.00%
Published-18 Oct, 2023 | 16:27
Updated-12 Jun, 2025 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_sd-wan_managerCisco SD-WAN vManage
CWE ID-CWE-284
Improper Access Control
CVE-2023-20237
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.05% / 15.30%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:00
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-intersight_virtual_applianceintersight_assistintersight_connected_virtual_applianceintersight_private_virtual_applianceCisco Intersight Virtual Appliance
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-20065
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.51%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3850asr_907catalyst_9500hcatalyst_3850-16xs-scatalyst_3850-48pw-sasr_1000-esp200-xcatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_routercg522-easr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dasr_1000-esp100-xcatalyst_9300l-48t-4x-aasr_920-12sz-imcatalyst_8300catalyst_8500-4qccatalyst_3850-48u-lcatalyst_9800-80_wireless_controlleress-3300-ncp-acatalyst_8300-1n1s-6t8101-32fhcatalyst_9300l-24t-4g-easr_920-12cz-a_rcatalyst_3850-48xscatalyst_9800-clcatalyst_9300-48p-e1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-eess-3300-24t-con-e9800-40catalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrcatalyst_9200lcatalyst_3850-24xucatalyst_9300-48uxm-e1109_integrated_services_routercatalyst_9400catalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_9600_supervisor_engine-1ess-3300-24t-con-acatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-48u-aasr_902u1100-4p_integrated_services_routerasr_903asr_9920asr_9906catalyst_ie3200_rugged_switchcatalyst_3850-48t-ecg418-e1101_integrated_services_routerasr_920-24tz-m_r8101-32hasr_920-24sz-m_ress-3300-24t-ncp-acatalyst_3850-12s-sasr_9010asr_920-4sz-d_rcatalyst_3850-24u-sasr_99021100_integrated_services_routerasr_901-4c-ft-dcatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aess-3300-24t-ncp-easr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr_901s-3sg-f-ah4221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_9300-48s-easr_1002-xasr_920-12cz-d_r8800_18-slotcatalyst_9300lcatalyst_ie3400_rugged_switch4451-x_integrated_services_routercatalyst_3850-48p-scatalyst_ie9300catalyst_8510csrasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200asr_1000-esp100catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500asr_920u-12sz-im8831catalyst_3850-24t-easr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_ie3300_rugged_switchasr_1000catalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-easr_9148202catalyst_3850-24p-scatalyst_3850-24u9800-lcatalyst_9300l_stackasr_920-12cz-dcatalyst_9300l-24p-4g-easr_920-4sz-d111x_integrated_services_routercatalyst_9800-l8201-32fhasr_1013catalyst_8540msrasr_920-24sz-imcatalyst_3850-nm-2-40gcbr-8catalyst_9300lmcatalyst_9300-24t-easr_9000vcatalyst_3850-48t-scatalyst_9407rcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200catalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_9300l-48t-4g-aasr_920-24sz-mintegrated_services_virtual_routerasr_920-4sz-acatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-eess-3300-con-aasr_901-6cz-ft-dasr_901-6cz-f-dess-3300-ncp-easr_9000catalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300asr_920-24sz-im_rcatalyst_3850-24xu-s4451_integrated_services_routerasr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1ess-3300-con-ecatalyst_ie3400catalyst_3850-24u-lcatalyst_9300l-24t-4g-a9800-clcatalyst_3850-48f-sasr_901-4c-f-d8800_8-slotasr_1001-hx_rcatalyst_9800-l-ccatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_9300-48uxm-aasr_102388128818catalyst_9300-24p-aasr_1001esr6300catalyst_3850-48xs-easr_9904catalyst_9300-24u-acatalyst_3850-48uasr_1001-hxcatalyst_ie33008102-64hasr_1009-x8201catalyst_9300-24u-easr_901-6cz-f-acatalyst_3850-12x48ucatalyst_9300xcatalyst_9300-48un-aasr_1001-x_rasr_901-6cz-fs-dcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsasr_99038800_4-slotess9300-10x-e4431_integrated_services_router9800-80asr_901-6cz-fs-acatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_router8800_12-slotasr_1001-xasr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-284
Improper Access Control
CVE-2022-20762
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.57%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 18:13
Updated-06 Nov, 2024 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure Privilege Escalation Vulnerability

A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure (SMI) software could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to insufficient access control in the affected CLI. An attacker could exploit this vulnerability by authenticating as a CEE ConfD CLI user and executing a specific CLI command. A successful exploit could allow an attacker to access privileged containers with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ultra_cloud_core_-_subscriber_microservices_infrastructureCisco Ultra Cloud Core - Subscriber Microservices Infrastructure
CWE ID-CWE-284
Improper Access Control
CVE-2022-20728
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.01% / 1.04%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:45
Updated-06 Nov, 2024 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Access Points VLAN Bypass from Native VLAN Vulnerability

A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1562icatalyst_9130ax_firmwareaironet_1850ecatalyst_iw6300aironet_1830_firmwarecatalyst_9105ax_firmwareaironet_3800ecatalyst_9117ax_firmwareaironet_1815taironet_3800i_firmwarecatalyst_9124ax_firmwareaironet_1562eaironet_3800e_firmwarecatalyst_9115ax_firmwareaironet_2800i_firmwareaironet_1542iaironet_2800iaironet_3800paironet_1830aironet_1815i_firmwareaironet_3800p_firmwareaironet_1850e_firmwareaironet_1815icatalyst_9105axaironet_1815waironet_4800aironet_1542daironet_4800_firmwareaironet_1850i_firmwareaironet_1815w_firmwarecatalyst_9115axaironet_1542i_firmwareaironet_1815m_firmwareaironet_1840_firmwareaironet_1562dcatalyst_iw6300_firmwarecatalyst_9120axaironet_1562d_firmwareaironet_1815t_firmwareaironet_2800e_firmwareaironet_3800icatalyst_9117axcatalyst_9120ax_firmwareaironet_1840catalyst_9130axaironet_1850iaironet_1562e_firmwareaironet_1562i_firmwareaironet_1815maironet_2800ecatalyst_9124axaironet_1542d_firmwareCisco Aironet Access Point Software (IOS XE Controller)
CWE ID-CWE-284
Improper Access Control
CVE-2022-20777
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-9.9||CRITICAL
EPSS-13.77% / 94.02%
||
7 Day CHG~0.00%
Published-04 May, 2022 | 17:05
Updated-06 Nov, 2024 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Vulnerabilities

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_nfv_infrastructure_softwareCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-284
Improper Access Control
CVE-2017-12340
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.05% / 14.61%
||
7 Day CHG~0.00%
Published-30 Nov, 2017 | 09:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating system, even if the Bash shell is disabled on the system. The vulnerability is due to insufficient sanitization of user-supplied parameters that are passed to certain functions of the Python scripting sandbox of the affected system. An attacker could exploit this vulnerability to escape the scripting sandbox and enter the Bash shell of the operating system with the privileges of the authenticated user for the affected system. To exploit this vulnerability, the attacker must have local access to the affected system and be authenticated to the affected system with administrative or Python execution privileges. Cisco Bug IDs: CSCvd86513.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nx-osCisco Multilayer Director, Nexus 7000 Series, and Nexus 7700 Series Switches
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-284
Improper Access Control
CVE-2020-3122
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 8.55%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 18:22
Updated-31 Jul, 2025 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Content Security Management Appliance Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_email_and_web_manager_m690xsecure_email_and_web_manager_m195asyncossecure_email_and_web_manager_m695secure_email_and_web_manager_m380secure_email_and_web_manager_m680secure_email_and_web_manager_m190secure_email_and_web_manager_m390secure_email_and_web_manager_m390xsecure_email_and_web_manager_m395secure_email_and_web_manager_m170secure_email_and_web_manager_m690Cisco IronPort Security Management ApplianceCisco Secure Email and Web Manager
CWE ID-CWE-284
Improper Access Control
CVE-2024-20263
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.02% / 3.18%
||
7 Day CHG~0.00%
Published-26 Jan, 2024 | 17:27
Updated-13 Nov, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. This vulnerability is due to incorrect processing of ACLs on a stacked configuration when either the primary or backup switches experience a full stack reload or power cycle. An attacker could exploit this vulnerability by sending crafted traffic through an affected device. A successful exploit could allow the attacker to bypass configured ACLs, causing traffic to be dropped or forwarded in an unexpected manner. The attacker does not have control over the conditions that result in the device being in the vulnerable state. Note: In the vulnerable state, the ACL would be correctly applied on the primary devices but could be incorrectly applied to the backup devices.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sf550x-48mpcbs250-48t-4x_firmwarecbs350-48t-4gcbs350-24mgp-4x_firmwarecbs350-8xtcbs350-8p-2gcbs350-24xtsg350x-24mpsg550x-48p_firmwarecbs250-8p-e-2g_firmwaresg550x-48tcbs250-48p-4x_firmwarecbs250-24pp-4g_firmwarecbs250-8pp-e-2g_firmwarecbs350-48p-4gcbs350-24xts_firmwaresg350x-48_firmwaresg550xg-8f8t_firmwaresg350xg-24tcbs350-12xt_firmwarecbs350-8xt_firmwarecbs350-48ngp-4x_firmwaresg350x-24_firmwaresg550x-48mp_firmwarecbs350-24t-4x_firmwarecbs350-16t-e-2g_firmwarecbs350-48p-4g_firmwaresf550x-24mp_firmwarecbs350-16p-e-2g_firmwarecbs350-24p-4xcbs250-8pp-dsg350x-24mp_firmwarecbs350-24mgp-4xsf550x-48p_firmwaresg550x-48pcbs250-24fp-4gcbs350-8mgp-2xcbs250-24p-4xcbs350-24p-4gcbs250-16p-2g_firmwarecbs350-24xtssg350x-48mp_firmwaresg550xg-24f_firmwarecbs350-48p-4x_firmwarecbs350-16p-2g_firmwarecbs350-24fp-4g_firmwaresg350x-24cbs250-8t-e-2gcbs350-8mp-2x_firmwarecbs350-8fp-e-2gsf550x-48_firmwarecbs350-12xs_firmwarecbs350-16t-e-2gcbs350-48xt-4xsg550xg-8f8tcbs350-12xtcbs350-24p-4g_firmwaresg550xg-24tcbs350-24t-4xcbs350-24s-4g_firmwarecbs350-48fp-4g_firmwarecbs350-24p-4x_firmwarecbs350-16t-2gcbs250-48pp-4gcbs350-48p-4xcbs350-48t-4x_firmwarecbs250-48t-4gcbs350-24t-4g_firmwarecbs350-48t-4xcbs350-24ngp-4x_firmwarecbs350-48xt-4x_firmwarecbs250-16t-2gcbs350-8t-e-2g_firmwarecbs350-8fp-2g_firmwarecbs350-8mgp-2x_firmwarecbs250-24fp-4xsg550x-24_firmwarecbs350-8fp-2gcbs350-48fp-4gcbs250-48p-4g_firmwarecbs350-8s-e-2gcbs250-48t-4g_firmwaresg350xg-48t_firmwarecbs250-8t-dsf550x-48mp_firmwarecbs250-24p-4g_firmwaresf550x-24_firmwaresg350xg-2f10cbs350-24t-4gcbs250-8t-e-2g_firmwaresf550x-48psg550x-24mppsf550x-24sg350xg-24f_firmwarecbs250-24fp-4g_firmwaresg350x-48cbs350-48fp-4xcbs250-16p-2gcbs250-8fp-e-2g_firmwarecbs350-12xssg550x-24mp_firmwarecbs250-24t-4gcbs250-24p-4x_firmwarecbs350-8t-e-2gsg350xg-24t_firmwarecbs250-48p-4xsg550x-48_firmwaresf550x-24p_firmwaresg350x-24p_firmwarecbs350-24fp-4x_firmwaresg550x-24cbs350-24s-4gcbs250-8pp-e-2gcbs350-16t-2g_firmwaresg350xg-2f10_firmwarecbs250-24p-4gcbs250-24t-4x_firmwarecbs350-8p-e-2g_firmwaresg350xg-48tsf550x-48cbs250-24t-4g_firmwaresg550xg-24fcbs350-24xssg350x-48pcbs250-24fp-4x_firmwarecbs350-8mp-2xsg550x-24mpcbs350-16p-e-2gsg550x-48mpcbs350-8p-2g_firmwarecbs350-16fp-2gcbs350-24ngp-4xsf550x-24pcbs350-8p-e-2gcbs350-48fp-4x_firmwarecbs350-24fp-4xcbs250-24pp-4gsg550x-24p_firmwarecbs250-48pp-4g_firmwarecbs250-8p-e-2gcbs350-24fp-4gsg550x-24psg550xg-24t_firmwaresg550x-48t_firmwaresg350x-48mpcbs350-16fp-2g_firmwarecbs350-48ngp-4xsg550x-48sg350x-48p_firmwarecbs250-8t-d_firmwaresg350x-24pcbs250-48t-4xcbs350-8fp-e-2g_firmwaresf550x-24mpcbs250-24t-4xcbs250-8fp-e-2gcbs350-16p-2gsg550x-24mpp_firmwarecbs350-8s-e-2g_firmwarecbs350-48t-4g_firmwaresg350xg-24fcbs350-12np-4x_firmwarecbs350-24xt_firmwarecbs350-12np-4xcbs250-16t-2g_firmwarecbs350-16xtscbs350-16xts_firmwarecbs250-8pp-d_firmwarecbs250-48p-4gcbs350-24xs_firmwareCisco Small Business Smart and Managed Switches
CWE ID-CWE-284
Improper Access Control
CVE-2022-20918
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.87%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 17:29
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS) Software could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential. This vulnerability is due to the presence of a default credential for SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). An attacker could exploit this vulnerability by sending an SNMPv1 or SNMPv2 GET request to an affected device. A successful exploit could allow the attacker to retrieve sensitive information from the device using the default credential. This attack will only be successful if SNMP is configured, and the attacker can only perform SNMP GET requests; write access using SNMP is not allowed.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerfirepower_services_software_for_asaCisco Firepower Management CenterCisco FirePOWER Services Software for ASA
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CVE-2024-20261
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.19% / 41.25%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 16:53
Updated-30 Jul, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Softwarefirepower_management_center
CWE ID-CWE-284
Improper Access Control
CVE-2024-20397
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.2||MEDIUM
EPSS-0.07% / 21.81%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 16:13
Updated-08 Apr, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Image Verification Bypass Vulnerability

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.  This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS SoftwareCisco Unified Computing System (Managed)Cisco NX-OS System Software in ACI Mode
CWE ID-CWE-284
Improper Access Control
CVE-2024-20315
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.03% / 7.92%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:45
Updated-15 Apr, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access resources behind the affected device that were supposed to be protected by a configured ACL.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Softwareios_xr_software
CWE ID-CWE-284
Improper Access Control
CVE-2024-20373
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.91% / 74.84%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 14:52
Updated-01 Aug, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.  This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials. SNMP with IPv6 ACL configurations is not affected. For more information, see the section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe_sd-wanCisco IOS XE Catalyst SD-WANios_xe_catalyst_sd-wan
CWE ID-CWE-284
Improper Access Control
CVE-2024-20319
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.02% / 2.77%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:47
Updated-07 Jul, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect UDP forwarding programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by attempting to perform an SNMP operation using broadcast as the destination address that could be processed by an affected device that is configured with an SNMP server. A successful exploit could allow the attacker to communicate to the device on the configured SNMP ports. Although an unauthenticated attacker could send UDP datagrams to the configured SNMP port, only an authenticated user can retrieve or modify data using SNMP requests.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Softwareios_xr
CWE ID-CWE-284
Improper Access Control
CVE-2024-20322
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.08% / 24.26%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:43
Updated-05 Aug, 2025 | 14:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access resources behind the affected device that were supposed to be protected by a configured ACL.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8201-32fh-o8122-64ehf-oncs_540-12z20g-sys-a8011-4g24y4h-incs_540-fh-csr-sys8404ncs_57c1-48q6-sysncs_540x-16z8q2c-dios_xrncs_55a1-48q6h8111-32eh-oncs_5502-se8102-64hncs_5516ncs_540x-6z18g-sys-d8101-32h-oncs_5502ncs_55a2-mod-sncs_560-48212-48fh-mncs_55a1-36h-se8201-32fh8201ncs_540-28z4c-sys-dncs_540x-16z4g8q2c-d8608ncs_540-28z4c-sys-ancs_57d2-18dd-sys8202-32fh-mncs_55a2-mod-hd-s8501-sys-mt8700ncs_5508ncs_55a2-mod-se-s8101-32fh-oncs_540x-8z16g-sys-d8202ncs_55a1-24h8101-32fh8818ncs_540-6z14s-sys-dncs_540x-acc-sysncs_540x-6z18g-sys-a8804ncs_540x-8z16g-sys-ancs_560-78122-64eh-o8712-mod-mncs_57b1-6d24-sysncs_540x-16z4g8q2c-ancs_540x-12z16g-sys-dncs_540-6z18g-sys-ancs_540-24z8q2c-sysncs_57c3-mod-sysncs_540-12z20g-sys-dncs_540-fh-aggncs_540-24q2c2dd-sysncs_540x-12z16g-sys-ancs_540x-4z14g2q-dncs_55a1-36h8102-64h-oncs_55a1-24q6h-sncs_540-24q8l2dd-sys88128201-24h8fh8808ncs_55048711-32fh-mncs_540-acc-sysncs_540x-4z14g2q-ancs_5501-sencs_540-6z18g-sys-dncs_57b1-5dse-sysncs_5501ncs_55a1-24q6h-ss8102-28fh-dpu-oCisco IOS XR Softwareios_xr_software
CWE ID-CWE-284
Improper Access Control
CVE-2024-20465
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.09% / 26.71%
||
7 Day CHG~0.00%
Published-25 Sep, 2024 | 16:29
Updated-24 Oct, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs on switched virtual interfaces when an administrator enables and disables Resilient Ethernet Protocol (REP). An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iosIOSios
CWE ID-CWE-284
Improper Access Control
CVE-2024-20325
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.07% / 22.37%
||
7 Day CHG~0.00%
Published-21 Feb, 2024 | 16:09
Updated-06 May, 2025 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations on cluster configuration CLI requests. An attacker could exploit this vulnerability by sending a cluster configuration CLI request to specific directories on an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_intelligence_centerCisco Unified Intelligence Centerunified_intelligence_center
CWE ID-CWE-284
Improper Access Control
CVE-2024-20291
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-11.56% / 93.36%
||
7 Day CHG~0.00%
Published-28 Feb, 2024 | 16:16
Updated-30 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device. This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3524-xlnexus_9808nexus_9372px-enexus_93600cd-gxnexus_3000_in_standalone_nx-os_modenexus_9364d-gx2anexus_93108tc-exnexus_9316d-gxnexus_93108tc-fx3pnexus_93180yc-fx3hnexus_9000vnexus_3548-xnexus_93216tc-fx2nexus_3172tq-32tnexus_93360yc-fx2nexus_3172tq-xlnexus_92348gc-xnexus_93240yc-fx2nexus_3464cnexus_31108tc-vnexus_9332cnexus_9804nexus_31128pqnexus_9364c-gxnexus_34180ycnexus_3132q-xlnexus_9336pq_aci_spinenexus_9336c-fx2nexus_3548-xlnexus_93180yc-ex-24nexus_93180yc-exnexus_92300ycnexus_9348d-gx2anexus_9348gc-fxpnexus_3048nexus_9332pqnexus_3524-xnexus_3132c-znexus_9364c-h1nexus_3172tqnexus_3264qnexus_3264c-enexus_9348gc-fx3nexus_31108pc-vnx-osnexus_93108tc-ex-24nexus_9000_in_standalone_nx-os_modenexus_93180yc-fx-24nexus_9364e-sg2nexus_93180yc-fxnexus_9236cnexus_3432d-snexus_9372tx-enexus_3408-snexus_93180yc-fx3snexus_93180lc-exnexus_3164qnexus_9508nexus_9336c-fx2-enexus_3132q-vnexus_93120txnexus_9408nexus_9332d-gx2bnexus_93108tc-fxnexus_9396txnexus_93108tc-fx3nexus_9332d-h2rnexus_9364cnexus_92160yc-xnexus_3172pqnexus_93108tc-fx3hnexus_34200yc-smnexus_36180yc-rnexus_9272qnexus_3232cnexus_93108tc-fx-24nexus_3172pq-xlnexus_92348gc-fx3nexus_92304qcnexus_93180yc-fx3nexus_93400ld-h1Cisco NX-OS Softwarenx-os
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-20283
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.22% / 45.02%
||
7 Day CHG+0.06%
Published-03 Apr, 2024 | 16:25
Updated-07 May, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn cluster deployment information on an affected device. This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerability by sending queries to the API endpoint. A successful exploit could allow an attacker to access metrics and information about devices in the Nexus Dashboard cluster.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboardCisco Nexus Dashboard
CWE ID-CWE-284
Improper Access Control
CVE-2024-20343
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:38
Updated-12 Sep, 2024 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Arbitrary File Read Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the arguments that are passed to a specific CLI command. An attacker could exploit this vulnerability by logging in to an affected device with low-privileged credentials and using the affected command. A successful exploit could allow the attacker access files in read-only mode on the Linux file system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
CVE-2016-1302
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.22% / 45.07%
||
7 Day CHG~0.00%
Published-07 Feb, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.

Action-Not Available
Vendor-zzincn/aSamsungCisco Systems, Inc.Zyxel Networks CorporationSun Microsystems (Oracle Corporation)
Product-nexus_9272qnexus_9504nexus_93120txnexus_93180yc-exnexus_93108tc-exnexus_92304qcnexus_9396txnx-osnexus_9236cnexus_9372txnexus_92160yc-xgs1900-10hp_firmwarenexus_9508nexus_9372pxnexus_9332pqkeymouse_firmwarenexus_9336pq_aci_spinex14j_firmwarenexus_9516opensolarisnexus_93128txnexus_9396pxn/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-1315
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.27%
||
7 Day CHG~0.00%
Published-12 Feb, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote attackers to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug ID CSCux45338.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_appliance_firmewaren/a
CWE ID-CWE-284
Improper Access Control
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found