Filtered by vendor Cisco
Subscriptions
Total
6622 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-20170 | 1 Cisco | 1 Identity Services Engine | 2025-12-16 | 6 Medium |
| A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root. | ||||
| CVE-2023-20135 | 1 Cisco | 1 Ios Xr | 2025-12-16 | 5.7 Medium |
| A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image. An attacker could exploit this vulnerability by modifying an ISO image and then carrying out install requests in parallel. A successful exploit could allow the attacker to execute arbitrary code on an affected device. | ||||
| CVE-2023-20101 | 1 Cisco | 1 Emergency Responder | 2025-12-16 | 9.8 Critical |
| A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. | ||||
| CVE-2023-20063 | 1 Cisco | 2 Firepower Threat Defense, Secure Firewall Management Center | 2025-12-16 | 8.2 High |
| A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device. | ||||
| CVE-2023-20048 | 1 Cisco | 1 Secure Firewall Management Center | 2025-12-16 | 9.9 Critical |
| A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software. | ||||
| CVE-2025-20158 | 1 Cisco | 10 Desk Phone 9841, Desk Phone 9841 Firmware, Desk Phone 9851 and 7 more | 2025-12-15 | 4.4 Medium |
| A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access on the affected device. SSH access is disabled by default. This vulnerability is due to insufficient validation of user-supplied input by the debug shell of an affected device. An attacker could exploit this vulnerability by sending a crafted SSH client command to the CLI. A successful exploit could allow the attacker to access sensitive information on the underlying operating system. | ||||
| CVE-2025-20350 | 1 Cisco | 38 Desk Phone 9841, Desk Phone 9841 Firmware, Desk Phone 9851 and 35 more | 2025-12-04 | 7.5 High |
| A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default. | ||||
| CVE-2025-20351 | 1 Cisco | 38 Desk Phone 9841, Desk Phone 9841 Firmware, Desk Phone 9851 and 35 more | 2025-12-04 | 6.1 Medium |
| A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default. | ||||
| CVE-2025-20289 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-12-04 | 4.8 Medium |
| Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device. | ||||
| CVE-2025-20303 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-12-04 | 5.4 Medium |
| Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device. | ||||
| CVE-2025-20305 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-12-04 | 4.3 Medium |
| A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrator privileges could exploit this vulnerability by performing actions where the results should only be viewable to a high-privileged user. A successful exploit could allow the attacker to view passwords that are normally not visible to read-only administrators. | ||||
| CVE-2025-20304 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-12-04 | 5.4 Medium |
| Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device. | ||||
| CVE-2025-20329 | 1 Cisco | 2 Roomos, Telepresence Collaboration Endpoint | 2025-12-01 | 4.9 Medium |
| A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII). Note: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials. | ||||
| CVE-2025-20346 | 1 Cisco | 2 Catalyst Center, Digital Network Architecture Center | 2025-12-01 | 4.3 Medium |
| A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. | ||||
| CVE-2025-20377 | 1 Cisco | 2 Unified Contact Center Express, Unified Intelligence Center | 2025-11-21 | 4.3 Medium |
| A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system. | ||||
| CVE-2025-20349 | 1 Cisco | 2 Catalyst Center, Dna Center | 2025-11-19 | 6.3 Medium |
| A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. | ||||
| CVE-2025-20353 | 1 Cisco | 1 Catalyst Center | 2025-11-19 | 6.1 Medium |
| A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | ||||
| CVE-2025-20343 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-11-19 | 8.6 High |
| A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS access request for a MAC address that is already a rejected endpoint. An attacker could exploit this vulnerability by sending a specific sequence of multiple crafted RADIUS access request messages to Cisco ISE. A successful exploit could allow the attacker to cause a denial of service (DoS) condition when Cisco ISE restarts. | ||||
| CVE-2025-20374 | 1 Cisco | 1 Unified Contact Center Express | 2025-11-17 | 4.9 Medium |
| A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to perform a directory traversal and access arbitrary resources. This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to arbitrary files on the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials. | ||||
| CVE-2025-20375 | 1 Cisco | 1 Unified Contact Center Express | 2025-11-17 | 6.5 Medium |
| A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials. | ||||