VARIoT IoT vulnerabilities database

Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via a crafted resource request, aka Bug ID CSCus95603. An attacker can exploit this issue to download arbitrary files. Information obtained may aid in further attacks. This issue being tracked by Cisco Bug ID CSCus95603. This solution provides a user environment that integrates voice, video and Web conferencing

Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263. Cisco ONS 15454 System Software is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the control card on an affected device to reset, denying service to legitimate users. This issue is being tracked by Cisco bug ID CSCus57263. Cisco ONS 15454 System Software is a set of multi-service provisioning platform for Cisco optical transmission products of American Cisco (Cisco)

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut47196. Vendors have confirmed this vulnerability Bug ID CSCus93566 , CSCut31557 ,and CSCut47196 It is released as.By any third party through any unspecified field Web Script or HTML May be inserted. The Cisco FireSIGHT Management Center centrally manages the network security and operational capabilities of Cisco ASA and Cisco FirePOWER Network Security appliances with FirePOWER Services. An attacker can exploit these vulnerabilities to execute arbitrary HTML script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, or perform unauthorized actions. Other attacks are also possible. Cisco FireSIGHT System Software 6.0.0 is vulnerable. This issue being tracked by Cisco Bug ID's CSCus93566, CSCut31557 and CSCut47196

The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. Cisco Adaptive Security Appliance Software IKEv1 The implementation of XAUTH A vulnerability exists that prevents authentication. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCus47259. The platform provides features such as highly secure access to data and network resources. The following versions are affected: Cisco ASA Software 7.x releases, 8.0.x releases, 8.1.x releases, 8.2.x releases prior to 8.2.2.13

Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privileges via crafted vpnagent options, aka Bug ID CSCus86790. Vendors have confirmed this vulnerability Bug ID CSCus86790 It is released as.Crafted by local users vpnagent Through the options root You may get permission. A local attacker may exploit this issue to gain elevated root privileges on the device. This issue is being tracked by Cisco Bug ID CSCus86790. The vulnerability stems from the incorrect implementation of internal functions in the program

Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) for Microsoft Outlook allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCuu51400. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuu51400

Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session IDs in http URLs, which allows remote attackers to obtain sensitive session information via a crafted URL, aka Bug ID CSCuu60338. Cisco Unified MeetingPlace is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug Id CSCuu60338. This solution provides a user environment that integrates voice, video and Web conferencing

The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The vulnerability stems from the fact that the program does not verify the X.509 certificate on the SSL server side

Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users. The system provides content protection, video on demand, and dbd backup and recovery. A remote attacker could exploit this vulnerability to perform unauthorized operations. Other attacks are also possible

The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCus97452. This case XML External entity (XXE) Vulnerability related to the problem. Cisco Unified MeetingPlace is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. This issue is being tracked by Cisco bug ID CSCus97452. This solution provides a user environment that integrates voice, video and Web conferencing

Cross-site request forgery (CSRF) vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware 3.4.0000 and earlier. IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switches are products of IBM Corporation of the United States. The former is an Ethernet adapter product; the latter is a switch product. Allows an attacker to exploit the vulnerability to gain unauthorized access to gain access to affected applications. Other attacks are also possible. The vulnerability is caused by the program not correctly validating the input submitted by the user

Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators. The appliance provides features such as a dedicated encrypted traffic management platform, easy-to-use policy enforcement points, and an adaptive security solution. Successfully exploiting these vulnerabilities will allow attackers to perform certain unauthorized actions, hijack an arbitrary session, gain access to the sensitive information or compromise the affected application. Other attacks are also possible. It is the core of encrypted traffic management, can provide visibility to SSL traffic, and supports the addition of SSL inspection functions to advanced threat protection solutions programs and existing network security architecture. A remote attacker could exploit this vulnerability to perform unauthorized operations

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580. Vendors have confirmed this vulnerability Bug ID CSCur25580 It is released as. Supplementary information : CWE Vulnerability type by CWE-93: Improper Neutralization of CRLF Sequences (CRLF injection ) Has been identified. The system provides content protection, video on demand, and dbd backup and recovery. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into having a false sense of trust

Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. The Cisco Headend System Release is a front-end broadband digital transmission system. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCus04097

Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. Cisco DTACS and Cisco Headend System Release are a front-end broadband digital transmission system. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. The vulnerability is caused by the program not restricting the traffic of TCP port

Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909. The Cisco Headend System Release is a front-end broadband digital transmission system. An attacker can exploit this issue to download arbitrary files from the Web server and obtain potentially sensitive information. This issue is being tracked by Cisco bug ID CSCus44909

Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. A successful attack may allow attackers to insert a crafted HTTP header into an HTTP response that could cause a web page redirection to a possible malicious website; this may aid in launching further attacks. This issue is tracked by Cisco Bug Id CSCuh25408. Cisco Conductor for Videoscape is a video platform that integrates digital TV, online content, social media and communication applications

The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. Vendors have confirmed this vulnerability Bug ID CSCun94946 ,and CSCun96847 It is released as.A third party may be able to circumvent restricted access to resources through forged traffic that matches the session. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. Zone-BasedFirewall (ZBFW) is one of the policy firewall components. The ZBFW feature in Cisco IOS and IOSXESoftware has a security bypass vulnerability that stems from a program failing to properly check the current session's data flow. This vulnerability can be exploited by remote attackers to inject and pass fake data streams, bypassing security restrictions and gaining unauthorized access to resources. This may aid in further attacks. This issue is tracked by Cisco Bug IDs CSCun94946 and CSCun96847

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the administrator's cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, a different vulnerability than CVE-2015-2855. It is the core of encrypted traffic management, providing visibility into SSL traffic and supporting the addition of SSL checking to advanced threat protection solutions. The solution and the existing network security architecture. The HTTPOnly flag could not be set in the Set-Cookie header of the administrator cookie

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator's cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, a different vulnerability than CVE-2015-4138. It is the core of encrypted traffic management, providing visibility into SSL traffic and supporting the addition of SSL checking to advanced threat protection solutions. The solution and the existing network security architecture. Successfully exploiting these vulnerabilities will allow attackers to perform certain unauthorized actions, hijack an arbitrary session, gain access to the sensitive information or compromise the affected application. Other attacks are also possible