Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
Max CVSS
4.6
EPSS Score
0.05%
Published
2000-04-20
Updated
2008-09-10
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Max CVSS
4.6
EPSS Score
0.34%
Published
2001-01-01
Updated
2008-09-05
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-01-08
Updated
2018-10-30
tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-05-16
Updated
2008-09-05
Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-12
Updated
2016-10-18
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-10-04
Updated
2017-10-10
The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding.
Max CVSS
4.6
EPSS Score
0.05%
Published
2002-10-11
Updated
2008-09-10
Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.
Max CVSS
4.6
EPSS Score
0.05%
Published
2003-03-31
Updated
2018-10-30
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
Max CVSS
4.7
EPSS Score
0.04%
Published
2004-11-23
Updated
2017-10-11
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
Max CVSS
4.3
EPSS Score
0.38%
Published
2004-08-06
Updated
2022-08-24
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.
Max CVSS
4.6
EPSS Score
0.06%
Published
2006-02-01
Updated
2017-10-11
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770.
Max CVSS
4.6
EPSS Score
0.06%
Published
2006-02-01
Updated
2017-10-11
Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.
Max CVSS
4.3
EPSS Score
88.50%
Published
2006-06-21
Updated
2018-10-18
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.
Max CVSS
4.3
EPSS Score
0.74%
Published
2006-06-21
Updated
2018-10-18
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005.
Max CVSS
4.6
EPSS Score
0.06%
Published
2006-07-18
Updated
2017-07-20
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
Max CVSS
4.0
EPSS Score
0.24%
Published
2006-07-18
Updated
2017-07-20
Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address of a disconnected printer.
Max CVSS
4.6
EPSS Score
0.05%
Published
2006-09-26
Updated
2018-10-17
Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion".
Max CVSS
4.6
EPSS Score
0.04%
Published
2006-11-08
Updated
2017-07-20
The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka "Local Privilege Escalation".
Max CVSS
4.6
EPSS Score
0.04%
Published
2006-11-08
Updated
2017-07-20
Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195.
Max CVSS
4.0
EPSS Score
3.18%
Published
2007-04-16
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors.
Max CVSS
4.3
EPSS Score
0.57%
Published
2007-05-24
Updated
2017-07-29
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (MP) 5.3.235.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) Success Template (STPL) and (2) Failure Template (FTPL) parameters, which are not properly handled in an error message.
Max CVSS
4.3
EPSS Score
1.85%
Published
2007-08-09
Updated
2018-10-15
Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105.
Max CVSS
4.3
EPSS Score
0.42%
Published
2007-08-31
Updated
2018-10-26
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728.
Max CVSS
4.3
EPSS Score
0.26%
Published
2007-08-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Max CVSS
4.3
EPSS Score
0.14%
Published
2007-10-18
Updated
2008-11-15
693 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!