VARIoT IoT vulnerabilities database

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCuy99453 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlService disruption by a third party (DoS) Status and scanning and email forwarding will be stopped There is a possibility. The Cisco AsyncOS operating system is designed to enhance the security and performance of Cisco Email Security appliances. A remote denial of service vulnerability exists in Cisco AsyncOS 9.7.1 and later, which is exploited by an unauthenticated remote attacker to cause a denial of service. An attacker can exploit this issue to cause a denial-of-service condition. Cisco AsyncOS Software versions 9.7.1 and later are affected

A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. Affected Products: Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 and later up to the first fixed release, Cisco AsyncOS Software for Web Security Appliances (WSA) all versions prior to the first fixed release. More Information: CSCux56406, CSCux59928. Known Affected Releases: 9.6.0-051 9.7.0-125 8.8.0-085 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.7.1-066 WSA10.0.0-233. Vendors have confirmed this vulnerability Bug CSCux56406 and CSCux59928 It is released as.Service disruption by a third party (DoS) There is a possibility of being put into a state. CiscoEmailandWebSecurityAppliance is a product of Cisco. A denial of service vulnerability exists in CiscoEmail and WebSecurityAppliance. An unauthenticated remote attacker exploited the vulnerability to cause a denial of service attack. Multiple Cisco Products are prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug IDs CSCux56406 and CSCux59928. Cisco ESA versions after 9.5 and AMP of WSA have a denial of service vulnerability

Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server. Huawei USG5500 The backend server disrupts service operation (DoS) There are vulnerabilities that are put into a state.By the attacker, USG of anti-DDoS By avoiding modules, back-end servers are disrupted in service operations (DoS) There is a possibility of being put into a state. HuaweiUS55500 is a firewall product of Huawei Technologies of China. A security vulnerability exists in the HuaweiUSG5500V300R001C00 and V300R001C10. The remote attacker can use the vulnerability to send a large number of HTTP packets to bypass the DDOS defense module of the USG product for denial of service attacks. Huawei USG Products are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and cause denial-of-service conditions

A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. More Information: CSCva47092. Known Affected Releases: 4.10(1). Vendors have confirmed this vulnerability Bug ID CSCva47092 It is released as.A third party may perform a cross-site scripting attack. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug IDs CSCva47092. The solution supports the simplification of radio dispatching operations and improves the ability to respond to accidents, emergencies, and facility incidents

A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CSCva46542. Known Affected Releases: 1.3(0.876). Vendors have confirmed this vulnerability Bug ID CSCva46542 It is released as.Any user on the database by the remotely authenticated user SQL The command may be executed. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. This issue is being tracked by Cisco Bug ID CSCva46542. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies

A cross-site request forgery (CSRF) vulnerability in the web interface of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an unauthenticated, remote attacker to execute unwanted actions. More Information: CSCva54241. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(0.98000.216). Vendors have confirmed this vulnerability Bug ID CSCva54241 It is released as.An unintended action may be performed by a third party. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by Cisco Bug ID CSCva54241. The software provides functions such as configuring, managing and monitoring services of Cisco HCM-F. A remote attacker could exploit this vulnerability to submit arbitrary requests

A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate a cross-site scripting (XSS) or HTML injection attack. More Information: CSCuz02235. Known Affected Releases: 8.0.2-069. Known Fixed Releases: 9.1.1-038 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCuz02235 It is released as.By any third party Web Script or HTML May be inserted. The Cisco AsyncOS operating system is designed to enhance the security and performance of Cisco Email Security appliances. A security vulnerability exists in Cisco AsyncOS that allows an attacker to exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. This issue is being tracked by Cisco Bug ID CSCuz02235

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA, both virtual and hardware appliances, if the software is configured with message or content filters to scan incoming email attachments. More Information: CSCuw03606, CSCux59734. Known Affected Releases: 8.0.0-000 8.5.6-106 9.0.0-000 9.1.0-032 9.6.0-042 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.1.1-038 9.7.1-066. Vendors have confirmed this vulnerability Bug ID CSCuw03606 and CSCux59734 It is released as. Supplementary information : CWE Vulnerability type by CWE-388: Error Handling ( Error handling ) Has been identified. http://cwe.mitre.org/data/definitions/388.htmlA third party may bypass user filters configured on the device. The Cisco AsyncOS operating system is designed to enhance the security and performance of Cisco Email Security appliances. 0-000

A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass a configured drop filter by using an email with a corrupted attachment. More Information: CSCuz01651. Known Affected Releases: 10.0.9-015 9.7.1-066 9.9.6-026. Vendors have confirmed this vulnerability Bug CSCuz01651 It is released as. Supplementary information : CWE Vulnerability type by CWE-388: Error Handling ( Error handling ) Has been identified. The Cisco AsyncOS operating system is designed to enhance the security and performance of Cisco Email Security appliances. Cisco AsyncOS has a security bypass vulnerability that allows an attacker to exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCuz01651. The appliance offers spam protection, email encryption, data loss prevention, and more. The following releases are affected: Cisco ESA 10.0.9-015, 9.7.1-066, 9.9.6-026

A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application unexpectedly quits. More Information: CSCux68539. Known Affected Releases: 9.1.0-032 9.7.1-000. Known Fixed Releases: 9.1.1-038. Vendors have confirmed this vulnerability Bug CSCux68539 It is released as.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco Email Security Appliance is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCux68539. The appliance offers spam protection, email encryption, data loss prevention, and more. A denial of service vulnerability exists in Cisco ESA versions 9.1.0-032 and 9.7.1-000

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA on both virtual and hardware appliances that are configured with message or content filters to scan incoming email attachments. More Information: CSCuy54740, CSCuy75174. Known Affected Releases: 9.7.1-066 9.5.0-575 WSA10.0.0-000. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCuy54740 and CSCuy75174 It is released as.A third party could bypass the filtering function. Cisco AsyncOS for Email and Web Security Appliances are products of Cisco. CiscoAsyncOSforEmailSecurityAppliances is a set of operating systems used by Cisco Systems in the E-mail Security Appliance (ESA). Cisco Web Security Appliance (WSA) is a network security appliance. A remote security bypass vulnerability exists in CiscoAsyncOSforEmail and WebSecurityAppliances. An attacker could exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. This may aid in further attacks This issue is tracked by Cisco Bug IDs CSCuy54740 and CSCuy75174

ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 and earlier versions allows attackers to cause a denial of service (restart). HuaweiMate8 is a smartphone from China Huawei. There are local denial of service vulnerabilities in more than 8 versions of huaweimate. A local attacker could exploit the vulnerability to restart the device, resulting in a denial of service. Huawei Mate 8 is prone to a local denial-of-service vulnerability. The following versions are vulnerable: Mate 8 NXT-AL10C00B197 and prior versions are affected. Mate 8 NXT-DL10C00B197 and prior versions are affected. Mate 8 NXT-TL10C00B197 and prior versions are affected. Mate 8 NXT-CL10C00B197 and prior versions are affected. Huawei Mate 8 is a smartphone product of China's Huawei (Huawei). Attackers can exploit this vulnerability by enticing users to install malicious applications to send specific parameters to the phone, causing the system to restart

ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory. Huawei SmartPhones is the smartphone of China Huawei. Huawei SmartPhones has an information disclosure vulnerability. An attacker could exploit this vulnerability to obtain sensitive information. Huawei Smart Phone is prone to a local information-disclosure vulnerability. The Huawei Smart Phone P9 is a smartphone from the Chinese company Huawei

Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege. HuaweiHonor is a smartphone product of China Huawei. Huawei mobile phone has a PXN protection mechanism failure security vulnerability. Due to the security vulnerabilities of PXN (Privileged Execute-Never) protection mechanism in the driver code of Huawei mobile phones, the attacker can induce users to install malicious applications. The application can close the PXN protection mechanism by calling the relevant driver code, resulting in rejection. Service attack. Multiple Huawei Products are prone to a local privilege-escalation. An attacker can exploit this issue to gain elevated privileges or crash the system resulting in a denial-of-service condition. Note: This issue was previously titled 'Multiple Huawei Products CVE-2016-8768 Local Denial of Service Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected

HPThinkPwnUEFIBIOS is a device of Hewlett-Packard (HP). HPThinkPwnUEFIBIOS 'SmmRuntime' has a remote elevation of privilege vulnerability that allows an attacker to exploit arbitrary exploits and perform unauthorized actions. HP ThinkPwn UEFI BIOS is prone to a remote privilege-escalation vulnerability

Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. Citrix NetScaler ADC Contains an unauthorized redirect vulnerability. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible. The vulnerability affects the following versions of Citrix NetScaler ADC: Version 11.0 prior to 11.0 Build 65.31/65.35F are vulnerable. Version 10.5 prior to 10.5 Build 61.11 are vulnerable. Version 10.1 prior to 10.1 Build 135.8 are vulnerable. Citrix NetScaler ADC (Application Delivery Controller) is a controller from Citrix Systems that provides application delivery control and load balancing functions

Ruckus Wireless H500 web management interface CSRF. An attacker could exploit the vulnerability to perform unauthorized actions

Ruckus Wireless H500 web management interface authentication bypass. The Ruckus Wireless H500 is an indoor wall switch access point for Ruckus Wireless in the United States. Webmanagementinterface is one of the web-based management interfaces. An attacker could exploit the vulnerability to bypass security restrictions by sending a request with a specially crafted string

Ruckus Wireless H500 web management interface denial of service. The Ruckus Wireless H500 is an indoor wall switch access point for Ruckus Wireless in the United States. Webmanagementinterface is one of the web-based management interfaces. An attacker could exploit the vulnerability to cause a denial of service

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted SGI file. Apple Mac OS X is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user. Failed exploit attempts will likely cause a denial-of-service condition. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. ImageIO is one of the static methods used to perform common image I/O operations. A security vulnerability exists in the ImageIO component of Apple macOS Sierra prior to 10.12.1