VARIoT IoT vulnerabilities database

Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allows attackers with administrator privilege to inject a command into a specific command's parameters, and run this injected command with root privilege. Huawei OceanStor 5600 is a storage product of China Huawei. HuaweiOceanStor5600 has a privilege escalation vulnerability. Huawei Storage Products are prone to an privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and perform unauthorized actions. The vulnerability is caused by the lack of input validation in the program

A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server. More Information: CSCul88715, CSCul94617, CSCul94627. Known Affected Releases: 7.5.2-201 7.6.3-025 8.0.1-023 8.5.0-000 8.5.0-ER1-198 7.5.2-HP2-303 7.7.0-608 7.7.5-835 8.5.1-021 8.8.0-000 7.9.1-102 8.0.0-404 8.1.1-013 8.2.0-222. Known Fixed Releases: 8.0.2-069 8.0.2-074 8.5.7-042 9.1.0-032 8.5.2-027 9.6.1-019. Vendors have confirmed this vulnerability Bug ID CSCul88715 , CSCul94617 , CSCul94627 It is released as.A remote attacker could impersonate an update server. There is a middleman security bypass vulnerability in CiscoAsyncOSSoftware. Allows an attacker to exploit a vulnerability to perform an unauthorized operation by performing a man-in-the-middle attack. Cisco AsyncOS Software is prone to security-bypass vulnerability. This may lead to other attacks. This issue is being tracked by Cisco Bug ID's CSCul88715, CSCul94617 and CSCul94627. Cisco AsyncOS is an operating system used in these products

A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available. More Information: CSCvb40597. Known Affected Releases: 1. FireAMPConnectorEndpointSoftware is a Cisco security product that provides device-based visualization to control security threats that other security layers miss. A local denial of service vulnerability exists in Cisco FireAMPConnectorEndpointSoftware that could be exploited by a local attacker to initiate a denial of service attack. A local attacker can exploit this issue to cause a denial-of-service condition. This issue is tracked by Cisco Bug ID CSCvb40597

A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181). An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCva49629

A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCva90076 , CSCvb06764 It is released as.A remote attacker may be able to bypass the configured user filter. CiscoEmailSecurityAppliance is a Cisco email security appliance. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCva90076. Note:The issue affects all the devices running Cisco AsyncOS Software. The vulnerability stems from the fact that the program cannot properly filter certain TAR format files

A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. More Information: CSCvb06663. Known Affected Releases: 11.5(1.10000.4). Known Fixed Releases: 12.0(0.98000.14). The CiscoEmergencyResponder (ER) is an emergency call software in an IP communications system from Cisco. The software provides real-time location tracking of the database and the location of the caller. Other attacks are also possible. This issue is being tracked by Cisco Bug ID CSCvb06663

A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. More Information: CSCvb04312. Known Affected Releases: 9.0.1-162 9.1.1-074. Known Fixed Releases: 10.1.0-129 9.1.2-010. Cisco AsyncOS is a set of operating systems used in this product. An attacker could exploit this vulnerability to restart the agent process, resulting in a denial of service condition. This issue is being tracked by Cisco Bug ID CSCvb04312

A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Known Affected Releases: 1.0. This issue is being tracked by Cisco Bug ID CSCvb81344

A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. More Information: CSCvb19366. Known Affected Releases: 5.4.1.6. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvb19366

A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. More Information: CSCuu69332, CSCux07028. Known Affected Releases: 15.2(3)E. Known Fixed Releases: 12.2(50)SE4 12.2(50)SE5 12.2(50)SQ5 12.2(50)SQ6 12.2(50)SQ7 12.2(52)EY4 12.2(52)SE1 12.2(53)EX 12.2(53)SE 12.2(53)SE1 12.2(53)SE2 12.2(53)SG10 12.2(53)SG11 12.2(53)SG2 12.2(53)SG9 12.2(54)SG1 12.2(55)EX3 12.2(55)SE 12.2(55)SE1 12.2(55)SE10 12.2(55)SE2 12.2(55)SE3 12.2(55)SE4 12.2(55)SE5 12.2(55)SE6 12.2(55)SE7 12.2(55)SE8 12.2(55)SE9 12.2(58)EZ 12.2(58)SE1 12.2(58)SE2 12.2(60)EZ 12.2(60)EZ1 12.2(60)EZ2 12.2(60)EZ3 12.2(60)EZ4 12.2(60)EZ5 12.2(60)EZ6 12.2(60)EZ7 12.2(60)EZ8 15.0(1)EY2 15.0(1)SE 15.0(1)SE2 15.0(1)SE3 15.0(2)EA 15.0(2)EB 15.0(2)EC 15.0(2)ED 15.0(2)EH 15.0(2)EJ 15.0(2)EJ1 15.0(2)EK1 15.0(2)EX 15.0(2)EX1 15.0(2)EX3 15.0(2)EX4 15.0(2)EX5 15.0(2)EY 15.0(2)EY1 15.0(2)EY2 15.0(2)EZ 15.0(2)SE 15.0(2)SE1 15.0(2)SE2 15.0(2)SE3 15.0(2)SE4 15.0(2)SE5 15.0(2)SE6 15.0(2)SE7 15.0(2)SE9 15.0(2)SG10 15.0(2)SG3 15.0(2)SG6 15.0(2)SG7 15.0(2)SG8 15.0(2)SG9 15.0(2a)EX5 15.1(2)SG 15.1(2)SG1 15.1(2)SG2 15.1(2)SG3 15.1(2)SG4 15.1(2)SG5 15.1(2)SG6 15.2(1)E 15.2(1)E1 15.2(1)E2 15.2(1)E3 15.2(1)EY 15.2(2)E 15.2(2)E3 15.2(2b)E. Cisco IOS Software is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug IDs CSCuu69332 and CSCux07028

A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system. More Information: CSCuv89417. Known Affected Releases: 15.5(2.25)T. Known Fixed Releases: 15.2(4)E1 15.2(4)E2 15.2(4)E3 15.2(4)EA4 15.2(4.0r)EB 15.2(4.1.27)EB 15.2(4.4.2)EA4 15.2(4.7.1)EC 15.2(4.7.2)EC 15.2(5.1.1)E 15.2(5.5.63)E 15.2(5.5.64)E 15.4(1)IA1.80 15.5(3)M1.1 15.5(3)M2 15.5(3)S1.4 15.5(3)S2 15.6(0.22)S0.12 15.6(1)T0.1 15.6(1)T1 15.6(1.15)T 15.6(1.17)S0.7 15.6(1.17)SP 15.6(1.22.1a)T0 15.6(2)S 15.6(2)SP 16.1(1.24) 16.1.2 16.2(0.247) 16.3(0.11) 3.8(1)E Denali-16.1.2. This may lead to further attacks. This issue is tracked by Cisco Bug ID CSCuv89417. An attacker could exploit this vulnerability to impersonate a user by sending an invalid X.50 signature to an affected system

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected Releases: 4.3(2039) 4.3(748). Known Fixed Releases: 4.3(4019) 4.4(225). A local attacker may exploit this issue to execute arbitrary commands with elevated SYSTEM privileges. This issue is being tracked by Cisco Bug ID CSCvb68043

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvb27494

A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More Information: CSCuw15041. Known Affected Releases: 1.2(1.199). Vendors have confirmed this vulnerability Bug ID CSCuw15041 It is released as.Remote attacker could disrupt service operation (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to cause a denial-of-service condition; denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuw15041. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies. Active Directory integration is one of the active directory components. The vulnerability stems from the program's improper handling of Password Authentication Protocol (PAP) authentication requests. A remote attacker can exploit this vulnerability by altering the correct PAP authentication request to cause subsequent authentication requests to the Active Directory domain to fail

A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More Information: CSCvb23331. Known Affected Releases: 15.2(6.0.57i)E CAF-1.1.0.0. Cisco IOx is a set of applications that provide unified hosting capabilities for the Cisco IoT network infrastructure (Cisco routers, switches, etc.). An attacker can exploit this issue using directory-traversal characters ('../') to access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive information and perform other attacks. This issue is being tracked by Cisco Bug ID CSCvb23331

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.5(1) 10.6. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCut43268. This solution supports simplified unified communication and video collaboration network management through a unified management console, and rapid deployment of communication sites. The vulnerability stems from the fact that the program does not fully detect the parameters entered by the web server

A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases: 15.3(3)M3. Known Fixed Releases: 15.6(2)T0.1 15.6(2.0.1a)T0 15.6(2.19)T 15.6(3)M. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Remote attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCuz21015

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device. More Information: CSCvb37346. Known Affected Releases: 9.1.1-036 9.7.1-066. Vendors have confirmed this vulnerability CSCvb37346 It is released as.A remote attacker could conduct a cross-site scripting attack. A cross-site scripting vulnerability exists in CiscoAsyncOSSoftwareforESA that stems from insufficient filtering of user-submitted input. An attacker could exploit this vulnerability to execute arbitrary script code in a user's browser. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCvb37346

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. More Information: CSCvb38398. Known Affected Releases: 20.2.3 20.2.3.65026. Known Fixed Releases: 21.1.M0.65431 21.1.PP0.65733 21.1.R0.65467 21.1.R0.65496 21.1.VC0.65434 21.1.VC0.65489 21.2.A0.65437. Vendors have confirmed this vulnerability Bug ID CSCvb38398 It is released as.By a remote attacker, ipsecmgr The process may be reloaded. Cisco ASR5000 Series Software is a 5000 series wireless controller product from Cisco. The attacker exploited this vulnerability to send a specially crafted IKEv2 packet causing the ipsecmgr process to crash. An attacker can exploit this issue to restart the affected process, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCvb38398

A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account. Affected Products: Cisco Nexus 1000V InterCloud is affected. More Information: CSCus99379. Known Affected Releases: 2.2(1). Cisco IntercloudFabricDirector is a device developed by Cisco. An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks. This issue is tracked by Cisco Bug ID CSCus99379