Cisco Security Advisory https://tools.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml en-us 1992-2010 Cisco Systems, Inc. All rights reserved. Cisco Security Advisory Cisco Systems, Inc. 15 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20Native%20FTP%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Native FTP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the native pass-through FTP functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to high CPU utilization.<br /> &nbsp;<br /> The vulnerability is due to how the FTP client terminates the FTP control connection when the data transfer is complete. An attacker could exploit this vulnerability by initiating FTP connections through the WSA. An exploit could allow the attacker to cause high CPU utilization of the Cisco WSA proxy process, causing a partial DoS condition. Successful exploitation depends on the FTP client the attacker uses and how that FTP client closes the FTP control connection.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Native FTP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the native pass-through FTP functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to high CPU utilization.<br /> &nbsp;<br /> The vulnerability is due to how the FTP client terminates the FTP control connection when the data transfer is complete. An attacker could exploit this vulnerability by initiating FTP connections through the WSA. An exploit could allow the attacker to cause high CPU utilization of the Cisco WSA proxy process, causing a partial DoS condition. Successful exploitation depends on the FTP client the attacker uses and how that FTP client closes the FTP control connection.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1440 Mon, 27 Jun 2016 18:40:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20Cisco%20IOS%20XE%20ntp%20Subsystem%20Unauthorized%20Access%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the <em>ntp </em>subsystem of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to mobilize <em>ntp </em>associations.<br /> <br /> The vulnerability is due to missing authorization checks on certain <em>ntp </em>packets. An attacker could exploit this vulnerability by ingressing malicious packets to the <em>ntp </em>daemon. An exploit could allow the attacker to control the time of the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the <em>ntp </em>subsystem of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to mobilize <em>ntp </em>associations.<br /> <br /> The vulnerability is due to missing authorization checks on certain <em>ntp </em>packets. An attacker could exploit this vulnerability by ingressing malicious packets to the <em>ntp </em>daemon. An exploit could allow the attacker to control the time of the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1384 Thu, 23 Jun 2016 20:02:30 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios Vulnerability in GNU glibc Affecting Cisco Products: February 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Vulnerability%20in%20GNU%20glibc%20Affecting%20Cisco%20Products:%20February%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Vulnerability in GNU glibc Affecting Cisco Products: February 2016" border='0' height='0' width='0'></img>On February 16, 2016, an industry-wide, critical vulnerability in the GNU C library (<em>glibc</em>) was publicly disclosed.<br /> <br /> Multiple Cisco products incorporate a version of <em>glibc </em>that may be&nbsp;affected by the vulnerability. The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on an affected device.<br /> <br /> Cisco will release software updates that address this vulnerability.<br /> <br /> Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Vulnerability in GNU glibc Affecting Cisco Products: February 2016" border='0' height='0' width='0'></img>On February 16, 2016, an industry-wide, critical vulnerability in the GNU C library (<em>glibc</em>) was publicly disclosed.<br /> <br /> Multiple Cisco products incorporate a version of <em>glibc </em>that may be&nbsp;affected by the vulnerability. The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on an affected device.<br /> <br /> Cisco will release software updates that address this vulnerability.<br /> <br /> Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-7547 Thu, 23 Jun 2016 19:30:54 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20May%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 " border='0' height='0' width='0'></img>On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with<em> </em>Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities. <br /> <br /> This advisory will be updated as additional information becomes available. <br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 " border='0' height='0' width='0'></img>On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with<em> </em>Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities. <br /> <br /> This advisory will be updated as additional information becomes available. <br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-2105,CVE-2016-2106,CVE-2016-2107,CVE-2016-2108,CVE-2016-2109,CVE-2016-2176 Wed, 22 Jun 2016 17:22:16 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl Cisco WebEx Meeting Center Improved Logging Capabilities http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20WebEx%20Meeting%20Center%20Improved%20Logging%20Capabilities&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meeting Center Improved Logging Capabilities" border='0' height='0' width='0'></img>Cisco WebEx Meeting Center user accounts are subject to enumeration via Personal Meeting Rooms (PMRs). This advisory documents that an administrative update has been made to improve the logging of connections to the PMRs.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meeting Center Improved Logging Capabilities" border='0' height='0' width='0'></img>Cisco WebEx Meeting Center user accounts are subject to enumeration via Personal Meeting Rooms (PMRs). This advisory documents that an administrative update has been made to improve the logging of connections to the PMRs.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1410 Wed, 22 Jun 2016 17:15:19 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc Cisco Prime Collaboration Deployment SQL Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-pcd?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Deployment%20SQL%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Deployment SQL Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the interface of the Cisco Prime Collaboration Deployment SQL database could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries.<br /> <br /> The vulnerability is due to a lack of input validation for user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to an affected system. A successful exploit could allow the attacker to determine the presence of certain values in the database.<br /> <br /> For additional information, please refer to <a href="https://www.owasp.org/index.php/SQL_Injection"> https://www.owasp.org/index.php/SQL_Injection</a>.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-pcd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-pcd</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Deployment SQL Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the interface of the Cisco Prime Collaboration Deployment SQL database could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries.<br /> <br /> The vulnerability is due to a lack of input validation for user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to an affected system. A successful exploit could allow the attacker to determine the presence of certain values in the database.<br /> <br /> For additional information, please refer to <a href="https://www.owasp.org/index.php/SQL_Injection"> https://www.owasp.org/index.php/SQL_Injection</a>.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-pcd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-pcd</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1437 Wed, 22 Jun 2016 14:36:37 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-pcd Cisco Email Security Appliance .zip File Scanning Security Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-esa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Email%20Security%20Appliance%20.zip%20File%20Scanning%20Security%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Email Security Appliance .zip File Scanning Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the anti-spam filter of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass anti-spam filtering functionality on an affected system.<br /> &nbsp;<br /> The vulnerability is due to improper handling of content in <em>.zip</em> files. An attacker could exploit this vulnerability by sending a malicious <em>.zip</em> file that contains embedded executable content, which could be used to cause additional harm to the system.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-esa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-esa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Email Security Appliance .zip File Scanning Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the anti-spam filter of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass anti-spam filtering functionality on an affected system.<br /> &nbsp;<br /> The vulnerability is due to improper handling of content in <em>.zip</em> files. An attacker could exploit this vulnerability by sending a malicious <em>.zip</em> file that contains embedded executable content, which could be used to cause additional harm to the system.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-esa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-esa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1438 Wed, 22 Jun 2016 14:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-esa Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Contact%20Center%20Enterprise%20Web-Based%20Management%20Interface%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unified Contact Center Enterprise Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by persuading a user to click a specific link.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unified Contact Center Enterprise Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by persuading a user to click a specific link.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1439 Wed, 22 Jun 2016 13:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20RV110W,%20RV130W,%20and%20RV215W%20Routers%20HTTP%20Request%20Buffer%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV110W Wireless-N VPN Firewalls, Cisco&nbsp;RV130W Wireless-N Multifunction VPN Routers, and Cisco&nbsp;RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer overflow on a targeted system, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper sanitization of user-supplied input for fields in HTTP requests that are sent when a user configures an affected device by using the web-based management interface for the device. An attacker could exploit this vulnerability by sending an HTTP request that contains configuration commands with a crafted payload. A successful exploit could allow the attacker to cause a buffer overflow on the targeted system, which could cause the device to reload unexpectedly and result in a DoS condition.<br /> <br /> Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV110W Wireless-N VPN Firewalls, Cisco&nbsp;RV130W Wireless-N Multifunction VPN Routers, and Cisco&nbsp;RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer overflow on a targeted system, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper sanitization of user-supplied input for fields in HTTP requests that are sent when a user configures an affected device by using the web-based management interface for the device. An attacker could exploit this vulnerability by sending an HTTP request that contains configuration commands with a crafted payload. A successful exploit could allow the attacker to cause a buffer overflow on the targeted system, which could cause the device to reload unexpectedly and result in a DoS condition.<br /> <br /> Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1398 Tue, 21 Jun 2016 22:03:18 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3 Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20RV110W,%20RV130W,%20and%20RV215W%20Routers%20HTTP%20Request%20Buffer%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV110W Wireless-N VPN Firewalls, Cisco&nbsp;RV130W Wireless-N Multifunction VPN Routers, and Cisco&nbsp;RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer overflow on a targeted system, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper sanitization of user-supplied input for fields in HTTP requests that are sent when a user configures an affected device by using the web-based management interface for the device. An attacker could exploit this vulnerability by sending an HTTP request that contains configuration commands with a crafted payload. A successful exploit could allow the attacker to cause a buffer overflow on the targeted system, which could cause the device to reload unexpectedly and result in a DoS condition.<br /> <br /> Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV110W Wireless-N VPN Firewalls, Cisco&nbsp;RV130W Wireless-N Multifunction VPN Routers, and Cisco&nbsp;RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer overflow on a targeted system, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper sanitization of user-supplied input for fields in HTTP requests that are sent when a user configures an affected device by using the web-based management interface for the device. An attacker could exploit this vulnerability by sending an HTTP request that contains configuration commands with a crafted payload. A successful exploit could allow the attacker to cause a buffer overflow on the targeted system, which could cause the device to reload unexpectedly and result in a DoS condition.<br /> <br /> Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1397 Tue, 21 Jun 2016 22:03:14 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2 Cisco RV110W, RV130W, and RV215W Routers Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20RV110W,%20RV130W,%20and%20RV215W%20Routers%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV110W Wireless-N VPN Firewalls, Cisco&nbsp;RV130W Wireless-N Multifunction VPN Routers, and Cisco&nbsp;RV215W Wireless-N VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface for a targeted device.<br /> <br /> The vulnerability is due to improper input validation of certain parameters that are sent to an affected device via the HTTP GET or HTTP POST method. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user to follow a link that is designed to submit malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary script in the context of the web-based management interface for the device or allow the attacker to access sensitive browser-based information.<br /> <br /> Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV110W Wireless-N VPN Firewalls, Cisco&nbsp;RV130W Wireless-N Multifunction VPN Routers, and Cisco&nbsp;RV215W Wireless-N VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface for a targeted device.<br /> <br /> The vulnerability is due to improper input validation of certain parameters that are sent to an affected device via the HTTP GET or HTTP POST method. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user to follow a link that is designed to submit malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary script in the context of the web-based management interface for the device or allow the attacker to access sensitive browser-based information.<br /> <br /> Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1396 Tue, 21 Jun 2016 22:03:12 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1 Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20RV110W,%20RV130W,%20and%20RV215W%20Routers%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code as <em>root</em> on a targeted system.<br /> &nbsp;<br /> The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request with custom user data. An exploit could allow the attacker to execute arbitrary code with <em>root</em>-level privileges on the affected system, which could be leveraged to conduct further attacks.<br /> <br /> Cisco has released firmware updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code as <em>root</em> on a targeted system.<br /> &nbsp;<br /> The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request with custom user data. An exploit could allow the attacker to execute arbitrary code with <em>root</em>-level privileges on the affected system, which could be leveraged to conduct further attacks.<br /> <br /> Cisco has released firmware updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1395 Tue, 21 Jun 2016 19:49:05 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv Cisco ASR 5000 Series Packet Data Network Gateway Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-asr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASR%205000%20Series%20Packet%20Data%20Network%20Gateway%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASR 5000 Series Packet Data Network Gateway Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the implementation of General Packet Radio Switching Tunneling Protocol Version 1 (GTPv1) in Cisco ASR 5000 Series Packet Data Network Gateways could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to an unexpected restart of the Session Manager process for the device.<br /> <br /> The vulnerability is due to improper input validation of GTPv1 packet headers. An attacker could exploit this vulnerability by sending a crafted GTPv1 packet to a targeted device. A successful exploit could allow the attacker to cause the Session Manager process for the device to restart unexpectedly, resulting in a DoS condition.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-asr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-asr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASR 5000 Series Packet Data Network Gateway Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the implementation of General Packet Radio Switching Tunneling Protocol Version 1 (GTPv1) in Cisco ASR 5000 Series Packet Data Network Gateways could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to an unexpected restart of the Session Manager process for the device.<br /> <br /> The vulnerability is due to improper input validation of GTPv1 packet headers. An attacker could exploit this vulnerability by sending a crafted GTPv1 packet to a targeted device. A successful exploit could allow the attacker to cause the Session Manager process for the device to restart unexpectedly, resulting in a DoS condition.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-asr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-asr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1436 Tue, 21 Jun 2016 11:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-asr Cisco Integrated Services Routers OpenSSH TCP Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Integrated%20Services%20Routers%20OpenSSH%20TCP%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Services Routers OpenSSH TCP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the handling of Secure Shell (SSH) TCP packets in the Cisco Integrated Services Routers (ISR) models 800, 819, and 829, could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to low memory on the device.<br /> <br /> The vulnerability is due to the handling of out-of-order, or otherwise invalid, TCP packets on an SSH connection to the device. An attacker could exploit this vulnerability by connecting via SSH to the device and then crafting TCP packets which are out of order or have invalid flags. An exploit could allow the attacker to cause the device to report low-memory warnings which could in turn cause a partial DoS condition.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Services Routers OpenSSH TCP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the handling of Secure Shell (SSH) TCP packets in the Cisco Integrated Services Routers (ISR) models 800, 819, and 829, could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to low memory on the device.<br /> <br /> The vulnerability is due to the handling of out-of-order, or otherwise invalid, TCP packets on an SSH connection to the device. An attacker could exploit this vulnerability by connecting via SSH to the device and then crafting TCP packets which are out of order or have invalid flags. An exploit could allow the attacker to cause the device to report low-memory warnings which could in turn cause a partial DoS condition.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6289 Mon, 20 Jun 2016 20:45:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr Cisco IOS XE Software SNMP Subsystem Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-iosxe?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XE%20Software%20SNMP%20Subsystem%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software SNMP Subsystem Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the SNMP subsystem of Cisco IOS XE software could allow an authenticated, remote attacker to create a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to an attempt to double free a region of memory when processing a series of SNMP read requests that contains certain criteria for a specific object ID (OID). An attacker who can authenticate to an affected device may submit a series of valid but specially formed SNMP requests designed to trigger the vulnerability. Successful exploitation will cause the device to restart because of an attempt to access an invalid memory region.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-iosxe">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-iosxe</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software SNMP Subsystem Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the SNMP subsystem of Cisco IOS XE software could allow an authenticated, remote attacker to create a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to an attempt to double free a region of memory when processing a series of SNMP read requests that contains certain criteria for a specific object ID (OID). An attacker who can authenticate to an affected device may submit a series of valid but specially formed SNMP requests designed to trigger the vulnerability. Successful exploitation will cause the device to restart because of an attempt to access an invalid memory region.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-iosxe">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-iosxe</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1428 Mon, 20 Jun 2016 15:09:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-iosxe Cisco 8800 Series IP Phone Directory Traversal Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ip-phone?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%208800%20Series%20IP%20Phone%20Directory%20Traversal%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco 8800 Series IP Phone Directory Traversal Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the license upload interface of Cisco 8800 Series IP Phones could allow an authenticated, remote attacker to delete arbitrary files from the filesystem.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading invalid files to an affected device via the certificate upload interface for the device. A successful exploit could allow the attacker to delete files in arbitrary locations on the filesystem.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ip-phone">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ip-phone</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco 8800 Series IP Phone Directory Traversal Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the license upload interface of Cisco 8800 Series IP Phones could allow an authenticated, remote attacker to delete arbitrary files from the filesystem.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading invalid files to an affected device via the certificate upload interface for the device. A successful exploit could allow the attacker to delete files in arbitrary locations on the filesystem.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ip-phone">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ip-phone</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1434 Mon, 20 Jun 2016 14:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ip-phone Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%208800%20Series%20IP%20Phone%20Filesystem%20Permission%20Enforcement%20Unauthorized%20Access%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the mounted filesystem of Cisco 8800 Series IP Phones could allow an authenticated, remote attacker to access any file, including the right to change the file mode, on a targeted device.<br /> <br /> The vulnerability is due to insufficient enforcement of filesystem permissions. An attacker could exploit this vulnerability by leveraging another exploit that allows the attacker to gain access to an unprivileged shell. A successful exploit could allow the attacker to modify or replace existing system files with malicious files.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the mounted filesystem of Cisco 8800 Series IP Phones could allow an authenticated, remote attacker to access any file, including the right to change the file mode, on a targeted device.<br /> <br /> The vulnerability is due to insufficient enforcement of filesystem permissions. An attacker could exploit this vulnerability by leveraging another exploit that allows the attacker to gain access to an unprivileged shell. A successful exploit could allow the attacker to modify or replace existing system files with malicious files.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1435 Mon, 20 Jun 2016 14:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Products%20IPv6%20Neighbor%20Discovery%20Crafted%20Packet%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IP Version 6 (IPv6) packet processing functions of multiple Cisco products could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device.<br /> <br /> The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery (ND) packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.<br /> <br /> This vulnerability is not Cisco specific: any IPv6 processing unit not capable of dropping such packets early in the processing path or in hardware is affected by this vulnerability.<br /> <br /> Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IP Version 6 (IPv6) packet processing functions of multiple Cisco products could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device.<br /> <br /> The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery (ND) packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.<br /> <br /> This vulnerability is not Cisco specific: any IPv6 processing unit not capable of dropping such packets early in the processing path or in hardware is affected by this vulnerability.<br /> <br /> Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1409 Mon, 20 Jun 2016 13:57:40 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20Link%20Layer%20Discovery%20Protocol%20Processing%20Code%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Link Layer Discovery Protocol (LLDP) packet processing code of Cisco IOS Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash. <br /> <br /> The vulnerability is due to improper handling of crafted LLDP packets. An attacker could exploit this vulnerability by sending a specially crafted LLDP packet. An exploit could allow the attacker to cause a Denial of Service (DoS) condition on an affected platform.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Link Layer Discovery Protocol (LLDP) packet processing code of Cisco IOS Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash. <br /> <br /> The vulnerability is due to improper handling of crafted LLDP packets. An attacker could exploit this vulnerability by sending a specially crafted LLDP packet. An exploit could allow the attacker to cause a Denial of Service (DoS) condition on an affected platform.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1424 Fri, 17 Jun 2016 00:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios Cisco cBR-8 Series Converged Broadband Router SNMP Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-cbr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20cBR-8%20Series%20Converged%20Broadband%20Router%20SNMP%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco cBR-8 Series Converged Broadband Router SNMP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Simple Network Management Protocol&nbsp;(SNMP) subsystem of Cisco&nbsp;IOS XE Software running on Cisco cBR-8 Series Converged Broadband Routers could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability exists because the affected platform does not properly trap SNMP read requests for a specific object ID that is not supported by the platform. When such a request is processed, the SNMP process may attempt to reference a pointer with a NULL value. To exploit this vulnerability, an attacker who can authenticate to an affected device may submit a specific, valid SNMP request. A successful exploit will cause the supervisor card that serviced the request to restart, due to an attempt to access an invalid memory region, and result in a DoS condition.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-cbr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-cbr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco cBR-8 Series Converged Broadband Router SNMP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Simple Network Management Protocol&nbsp;(SNMP) subsystem of Cisco&nbsp;IOS XE Software running on Cisco cBR-8 Series Converged Broadband Routers could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability exists because the affected platform does not properly trap SNMP read requests for a specific object ID that is not supported by the platform. When such a request is processed, the SNMP process may attempt to reference a pointer with a NULL value. To exploit this vulnerability, an attacker who can authenticate to an affected device may submit a specific, valid SNMP request. A successful exploit will cause the supervisor card that serviced the request to restart, due to an attempt to access an invalid memory region, and result in a DoS condition.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-cbr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-cbr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1432 Fri, 17 Jun 2016 12:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-cbr Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Management%20Center%20Persistent%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an affected device.<br /> <br /> The vulnerability is due to insufficient filtering of output data. An attacker could exploit this vulnerability by persuading a user to follow a link to a malicious site or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script in the context of the site or access sensitive browser-based information.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an affected device.<br /> <br /> The vulnerability is due to insufficient filtering of output data. An attacker could exploit this vulnerability by persuading a user to follow a link to a malicious site or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script in the context of the site or access sensitive browser-based information.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1431 Fri, 17 Jun 2016 11:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20Link%20Layer%20Discovery%20Protocol%20Processing%20Code%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Link Layer Discovery Protocol (LLDP) packet processing code of Cisco IOS could allow an unauthenticated, adjacent attacker to cause the crash of an affected device. <br /> <br /> The vulnerability is due to improper handling of crafted LLDP packets. An attacker could exploit this vulnerability by sending a specially crafted LLDP packet. An exploit could allow the attacker to cause a Denial of Service (DoS) condition on an affected platform.&nbsp;<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Link Layer Discovery Protocol (LLDP) packet processing code of Cisco IOS could allow an unauthenticated, adjacent attacker to cause the crash of an affected device. <br /> <br /> The vulnerability is due to improper handling of crafted LLDP packets. An attacker could exploit this vulnerability by sending a specially crafted LLDP packet. An exploit could allow the attacker to cause a Denial of Service (DoS) condition on an affected platform.&nbsp;<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1425 Fri, 17 Jun 2016 00:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1 Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Network%20Registrar%20System%20Configuration%20Protocol%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the System Configuration Protocol (SCP) core messaging interface of the Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> The vulnerability is due to lack of proper authentication controls for SCP messages. An attacker could exploit this vulnerability by sending specific SCP protocol messages to the targeted application. An exploit could allow the attacker to learn sensitive information about the application.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the System Configuration Protocol (SCP) core messaging interface of the Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> The vulnerability is due to lack of proper authentication controls for SCP messages. An attacker could exploit this vulnerability by sending specific SCP protocol messages to the targeted application. An exploit could allow the attacker to learn sensitive information about the application.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1427 Thu, 16 Jun 2016 21:15:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20Network%20Time%20Protocol%20Daemon%20Affecting%20Cisco%20Products:%20June%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016" border='0' height='0' width='0'></img>Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.<br /> <br /> On June 2, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details five issues regarding DoS vulnerabilities and logic issues that may allow an attacker to shift a system's time.&nbsp;<br /> <br /> The new vulnerabilities disclosed in this document are as follows:<br /> <br /> <ul> <li>Network Time Protocol CRYPTO-NAK Denial of Service Vulnerability</li> <li>Network Time Protocol Bad Authentication Demobilizes Ephemeral Associations Vulnerability</li> <li>Network Time Protocol Processing Spoofed Server Packets Vulnerability</li> <li>Network Time Protocol Autokey Association Reset Vulnerability</li> <li>Network Time Protocol Broadcast Interleave Vulnerability</li> </ul> Additional details about each vulnerability are in the&nbsp;<a href="http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security">NTP Consortium Security Notice</a>.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.<br /> <br /> This advisory is available at the following link:&nbsp;<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd</a><br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016" border='0' height='0' width='0'></img>Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.<br /> <br /> On June 2, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details five issues regarding DoS vulnerabilities and logic issues that may allow an attacker to shift a system's time.&nbsp;<br /> <br /> The new vulnerabilities disclosed in this document are as follows:<br /> <br /> <ul> <li>Network Time Protocol CRYPTO-NAK Denial of Service Vulnerability</li> <li>Network Time Protocol Bad Authentication Demobilizes Ephemeral Associations Vulnerability</li> <li>Network Time Protocol Processing Spoofed Server Packets Vulnerability</li> <li>Network Time Protocol Autokey Association Reset Vulnerability</li> <li>Network Time Protocol Broadcast Interleave Vulnerability</li> </ul> Additional details about each vulnerability are in the&nbsp;<a href="http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security">NTP Consortium Security Notice</a>.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.<br /> <br /> This advisory is available at the following link:&nbsp;<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd</a><br /> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-4953,CVE-2016-4954,CVE-2016-4955,CVE-2016-4956,CVE-2016-4957 Wed, 15 Jun 2016 15:51:32 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Binary%20Files%20Privilege%20Escalation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the installation procedure for Cisco&nbsp;Application Policy Infrastructure Controller&nbsp;(APIC) devices could allow an authenticated, local attacker to gain <em>root</em>-level privileges.<br /> <br /> The vulnerability is due to the use of incorrect installation and permissions settings for binary files during installation of the system software on a device. An attacker could exploit this vulnerability by logging in to the device and escalating their privileges. A successful exploit could allow the attacker to gain <em>root</em>-level privileges and take full control of the device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the installation procedure for Cisco&nbsp;Application Policy Infrastructure Controller&nbsp;(APIC) devices could allow an authenticated, local attacker to gain <em>root</em>-level privileges.<br /> <br /> The vulnerability is due to the use of incorrect installation and permissions settings for binary files during installation of the system software on a device. An attacker could exploit this vulnerability by logging in to the device and escalating their privileges. A successful exploit could allow the attacker to gain <em>root</em>-level privileges and take full control of the device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1420 Thu, 09 Jun 2016 20:34:41 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic Cisco Aironet 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Aironet%203800%20Series%20Access%20Point%20Platforms%20ARP%20Request%20Handling%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Aironet 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability exists in Cisco Access Point (AP) platforms when processing Address Resolution Protocol (ARP) packets that could allow an unauthenticated, adjacent attacker to inject crafted entries into the ARP table and eventually cause a reload of the affected device.<br /> <br /> The vulnerability is due to improper processing of illegal ARP packets. An attacker could exploit this vulnerability by sending crafted ARP packets to be processed by an affected device. An exploit could allow the attacker to inject crafted entries in the ARP table and eventually cause a reload of the device.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Aironet 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability exists in Cisco Access Point (AP) platforms when processing Address Resolution Protocol (ARP) packets that could allow an unauthenticated, adjacent attacker to inject crafted entries into the ARP table and eventually cause a reload of the affected device.<br /> <br /> The vulnerability is due to improper processing of illegal ARP packets. An attacker could exploit this vulnerability by sending crafted ARP packets to be processed by an affected device. An exploit could allow the attacker to inject crafted entries in the ARP table and eventually cause a reload of the device.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1419 Thu, 09 Jun 2016 13:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet Cisco IP Phone 8800 Series Web Application Buffer Overflow Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IP%20Phone%208800%20Series%20Web%20Application%20Buffer%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP Phone 8800 Series Web Application Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco&nbsp;IP 8800 Series Phone web application could allow an unauthenticated, remote attacker to cause the web server process to become unavailable, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a malicious request to the web server, which could cause the service to crash. A successful exploit could allow the attacker to trigger a buffer overflow and create a DoS condition on the targeted system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP Phone 8800 Series Web Application Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco&nbsp;IP 8800 Series Phone web application could allow an unauthenticated, remote attacker to cause the web server process to become unavailable, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a malicious request to the web server, which could cause the service to crash. A successful exploit could allow the attacker to trigger a buffer overflow and create a DoS condition on the targeted system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1421 Thu, 09 Jun 2016 08:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp Cisco IOS XR Software LPTS Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20LPTS%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software LPTS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Local Packet Transport Services (LPTS) network stack of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a limited denial of service (DoS) condition on an affected platform.<br /> <br /> The vulnerability is due to improper handling of flow base entries by LPTS. This can cause too many known entries for a protocol to be created, causing existing or new sessions to be dropped. An attacker could exploit this vulnerability by sending continuous connection attempts to open TCP ports to cause an exhaustion of services. An exploit could allow the attacker to cause a limited DoS condition on an affected platform.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software LPTS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Local Packet Transport Services (LPTS) network stack of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a limited denial of service (DoS) condition on an affected platform.<br /> <br /> The vulnerability is due to improper handling of flow base entries by LPTS. This can cause too many known entries for a protocol to be created, causing existing or new sessions to be dropped. An attacker could exploit this vulnerability by sending continuous connection attempts to open TCP ports to cause an exhaustion of services. An exploit could allow the attacker to cause a limited DoS condition on an affected platform.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1407 Wed, 08 Jun 2016 13:58:38 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr Cisco Aironet Access Points Command-Line Interpreter Linux Shell Command Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Aironet%20Access%20Points%20Command-Line%20Interpreter%20Linux%20Shell%20Command%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Aironet Access Points Command-Line Interpreter Linux Shell Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the command-line interpreter of Cisco Aironet 1800, 2800, and 3800 Series Access Points could allow an authenticated, local attacker to inject commands in the Linux shell. The commands could be executed with <em>root</em>-level privileges.<br /> <br /> The vulnerability is due to improper sanitization of user-supplied input for parameters of command-line interface (CLI) commands. An attacker could exploit this vulnerability by authenticating to the affected device and executing a subset of CLI commands with crafted input for those parameters. A successful exploit could allow the attacker to execute Linux shell commands with <em>root</em>-level privileges on the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Aironet Access Points Command-Line Interpreter Linux Shell Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the command-line interpreter of Cisco Aironet 1800, 2800, and 3800 Series Access Points could allow an authenticated, local attacker to inject commands in the Linux shell. The commands could be executed with <em>root</em>-level privileges.<br /> <br /> The vulnerability is due to improper sanitization of user-supplied input for parameters of command-line interface (CLI) commands. An attacker could exploit this vulnerability by authenticating to the affected device and executing a subset of CLI commands with crafted input for those parameters. A successful exploit could allow the attacker to execute Linux shell commands with <em>root</em>-level privileges on the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1418 Mon, 06 Jun 2016 08:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160606-aap Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Infrastructure%20and%20Evolved%20Programmable%20Network%20Manager%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending an HTTP POST with crafted deserialized user data. An exploit could allow the attacker to execute arbitrary code with <em>root</em>-level privileges on the affected system, which could be used to conduct further attacks.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds are not available.<br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode</a><br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending an HTTP POST with crafted deserialized user data. An exploit could allow the attacker to execute arbitrary code with <em>root</em>-level privileges on the affected system, which could be used to conduct further attacks.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds are not available.<br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode</a><br /> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1291 Fri, 03 Jun 2016 17:40:20 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode Cisco IP 8800 Series Phones btcli Utility Command Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ipp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IP%208800%20Series%20Phones%20btcli%20Utility%20Command%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP 8800 Series Phones btcli Utility Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in a command-line interface (CLI) utility of the Cisco IP 8800 Series Phones could allow an authenticated, local attacker to perform a command injection attack.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted commands to the affected device. An exploit could allow the attacker to execute operating system commands and escalate privileges to increase the level of access to the targeted system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ipp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ipp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP 8800 Series Phones btcli Utility Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in a command-line interface (CLI) utility of the Cisco IP 8800 Series Phones could allow an authenticated, local attacker to perform a command injection attack.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted commands to the affected device. An exploit could allow the attacker to execute operating system commands and escalate privileges to increase the level of access to the targeted system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ipp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ipp</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1403 Fri, 03 Jun 2016 00:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ipp Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Network%20Analysis%20Module%20Unauthenticated%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Network Analysis Modules could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of the affected device with the privileges of the web server.<br /> <br /> The vulnerability is due to a failure to properly sanitize user input prior to executing an external command derived from the input. An attacker could exploit the vulnerability by submitting a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands or code on the underlying operating system with the reduced privileges of the web server.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Network Analysis Modules could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of the affected device with the privileges of the web server.<br /> <br /> The vulnerability is due to a failure to properly sanitize user input prior to executing an external command derived from the input. An attacker could exploit the vulnerability by submitting a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands or code on the underlying operating system with the reduced privileges of the web server.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1388 Wed, 01 Jun 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Network%20Analysis%20Module%20IPv6%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the IPv6 packet decode function of the&nbsp;Cisco Network Analysis Module (NAM)&nbsp;could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.&nbsp;<br /> <br /> The vulnerability is due to an improper calculation of the IPv6 payload length of certain IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets on the network where the NAM is collecting and monitoring traffic. An exploit could allow the attacker to cause a DoS condition and the NAM could cease to collect and monitor traffic for a short time.<br /> <br /> Cisco has released software updates that address this vulnerability.&nbsp;There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the IPv6 packet decode function of the&nbsp;Cisco Network Analysis Module (NAM)&nbsp;could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.&nbsp;<br /> <br /> The vulnerability is due to an improper calculation of the IPv6 payload length of certain IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets on the network where the NAM is collecting and monitoring traffic. An exploit could allow the attacker to cause a DoS condition and the NAM could cease to collect and monitor traffic for a short time.<br /> <br /> Cisco has released software updates that address this vulnerability.&nbsp;There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1370 Wed, 01 Jun 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3 Cisco Prime Network Analysis Module Authenticated Remote Code Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Network%20Analysis%20Module%20Authenticated%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module Authenticated Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Network Analysis Module&nbsp;(NAM) and Cisco&nbsp;Prime Virtual Network Analysis Module&nbsp;(vNAM) could allow an authenticated, remote attacker to execute arbitrary commands or code on the host operating system with the privileges of the web server.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input before the input is used in subsequent operations. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands or code on the host operating system with the reduced privileges of the web server.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module Authenticated Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Network Analysis Module&nbsp;(NAM) and Cisco&nbsp;Prime Virtual Network Analysis Module&nbsp;(vNAM) could allow an authenticated, remote attacker to execute arbitrary commands or code on the host operating system with the privileges of the web server.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input before the input is used in subsequent operations. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands or code on the host operating system with the reduced privileges of the web server.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1391 Wed, 01 Jun 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2 Cisco Prime Network Analysis Module Local Command Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Network%20Analysis%20Module%20Local%20Command%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module Local Command Injection Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the command-line interface&nbsp;(CLI) of Cisco&nbsp;Prime Network Analysis Module&nbsp;(NAM) and Cisco&nbsp;Prime Virtual Network Analysis Module&nbsp;(vNAM) could allow a local, authenticated attacker to execute arbitrary commands on the host operating system with elevated privileges.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input that is passed to a specific command before the input is used in subsequent operations. An attacker could exploit this vulnerability by submitting crafted input to the command. A successful exploit could allow the attacker to execute arbitrary commands on the host operating system with <em>root</em> privileges.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Network Analysis Module Local Command Injection Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the command-line interface&nbsp;(CLI) of Cisco&nbsp;Prime Network Analysis Module&nbsp;(NAM) and Cisco&nbsp;Prime Virtual Network Analysis Module&nbsp;(vNAM) could allow a local, authenticated attacker to execute arbitrary commands on the host operating system with elevated privileges.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input that is passed to a specific command before the input is used in subsequent operations. An attacker could exploit this vulnerability by submitting crafted input to the command. A successful exploit could allow the attacker to execute arbitrary commands on the host operating system with <em>root</em> privileges.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1390 Wed, 01 Jun 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1 Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ESA%20and%20WSA%20AMP%20ClamAV%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Clam AntiVirus (ClamAV) software that is used by Cisco Advance Malware Protection (AMP) for Cisco Email Security Appliances (ESAs) and Cisco Web Security Appliances (WSAs) could allow an unauthenticated, remote attacker to cause the AMP process to restart.<br /> <br /> The vulnerability is due to improper parsing of input files by the <em>libclamav</em> library. An attacker could exploit this vulnerability by sending a crafted document that triggers a scan from the AMP ClamAV library on an affected system. A successful exploit could allow the attacker to cause the AMP process to restart.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Clam AntiVirus (ClamAV) software that is used by Cisco Advance Malware Protection (AMP) for Cisco Email Security Appliances (ESAs) and Cisco Web Security Appliances (WSAs) could allow an unauthenticated, remote attacker to cause the AMP process to restart.<br /> <br /> The vulnerability is due to improper parsing of input files by the <em>libclamav</em> library. An attacker could exploit this vulnerability by sending a crafted document that triggers a scan from the AMP ClamAV library on an affected system. A successful exploit could allow the attacker to cause the AMP process to restart.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1405 Tue, 31 May 2016 10:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa Cisco Firepower Management Center Web Interface Code Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Management%20Center%20Web%20Interface%20Code%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Web Interface Code Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to modify a page in the web interface.<br /> &nbsp;<br /> The vulnerability is due to improper sanitization of some parameter values. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the injected code.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Web Interface Code Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to modify a page in the web interface.<br /> &nbsp;<br /> The vulnerability is due to improper sanitization of some parameter values. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the injected code.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1413 Fri, 27 May 2016 19:01:44 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc Cisco UCS Invicta Software Default GPG Key Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20UCS%20Invicta%20Software%20Default%20GPG%20Key%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS Invicta Software Default GPG Key Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;UCS Invicta Software could allow an unauthenticated, remote attacker to access some encrypted information, if the attacker can intercept communication between an affected system and a Cisco&nbsp;UCS Invicta Autosupport server.<br /> <br /> The vulnerability is due to the presence of a default, static encryption key in the affected software. The key is used to encrypt some of the information that is exchanged between an affected device and the Autosupport server. An attacker could exploit this vulnerability by intercepting communication between an affected device and the Autosupport server and using the key to decrypt some of the information communicated between them.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS Invicta Software Default GPG Key Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;UCS Invicta Software could allow an unauthenticated, remote attacker to access some encrypted information, if the attacker can intercept communication between an affected system and a Cisco&nbsp;UCS Invicta Autosupport server.<br /> <br /> The vulnerability is due to the presence of a default, static encryption key in the affected software. The key is used to encrypt some of the information that is exchanged between an affected device and the Autosupport server. An attacker could exploit this vulnerability by intercepting communication between an affected device and the Autosupport server and using the key to decrypt some of the information communicated between them.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1404 Tue, 24 May 2016 08:30:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Infrastructure%20and%20Cisco%20Evolved%20Programmable%20Network%20Manager%20JSON%20Privilege%20Escalation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the application programming interface (API) web interface of the Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to perform privilege escalation on the affected device. The attacker can escalate privileges to the <em>root </em>level in most cases.<br /> &nbsp;<br /> The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests a web page or service that should be restricted. An attacker could exploit this vulnerability by performing reconnaissance attacks to the application web pages and services to identify potential devices of interest. The attacker could then craft an HTTP request with a crafted JavaScript Object Notation (JSON) payload to request the targeted sensitive data. An exploit could allow the attacker to perform privilege escalation on the applications to the <em>root</em> level and access unauthorized data.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the application programming interface (API) web interface of the Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to perform privilege escalation on the affected device. The attacker can escalate privileges to the <em>root </em>level in most cases.<br /> &nbsp;<br /> The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests a web page or service that should be restricted. An attacker could exploit this vulnerability by performing reconnaissance attacks to the application web pages and services to identify potential devices of interest. The attacker could then craft an HTTP request with a crafted JavaScript Object Notation (JSON) payload to request the targeted sensitive data. An exploit could allow the attacker to perform privilege escalation on the applications to the <em>root</em> level and access unauthorized data.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1406 Mon, 23 May 2016 21:20:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20March%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016" border='0' height='0' width='0'></img>On March 1, 2016, the OpenSSL Software Foundation released a security advisory detailing seven vulnerabilities and a new attack, referred to as the <em>Decrypting RSA with Obsolete and Weakened eNcryption (DROWN)</em> attack. A total of eight Common Vulnerabilities and Exposures (CVEs) were assigned. Of the eight CVEs, three relate to the DROWN attack. The remaining CVEs track low severity vulnerabilities.<br /> <br /> DROWN is a cross-protocol attack that actively exploits weaknesses in SSL Version 2 (SSLv2) to decrypt passively collected Transport Layer Security (TLS) sessions. DROWN does not exploit a vulnerability in the TLS protocol or any specific implementation of the protocol.<br /> <br /> To execute a successful DROWN attack, the attacker must identify a server that supports both SSLv2 and TLS, and uses the same RSA key pair for both protocols. The attacker must also be able to collect TLS traffic for the server. <br /> <br /> This advisory will be updated as additional information becomes available. <br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016" border='0' height='0' width='0'></img>On March 1, 2016, the OpenSSL Software Foundation released a security advisory detailing seven vulnerabilities and a new attack, referred to as the <em>Decrypting RSA with Obsolete and Weakened eNcryption (DROWN)</em> attack. A total of eight Common Vulnerabilities and Exposures (CVEs) were assigned. Of the eight CVEs, three relate to the DROWN attack. The remaining CVEs track low severity vulnerabilities.<br /> <br /> DROWN is a cross-protocol attack that actively exploits weaknesses in SSL Version 2 (SSLv2) to decrypt passively collected Transport Layer Security (TLS) sessions. DROWN does not exploit a vulnerability in the TLS protocol or any specific implementation of the protocol.<br /> <br /> To execute a successful DROWN attack, the attacker must identify a server that supports both SSLv2 and TLS, and uses the same RSA key pair for both protocols. The attacker must also be able to collect TLS traffic for the server. <br /> <br /> This advisory will be updated as additional information becomes available. <br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-0702,CVE-2016-0703,CVE-2016-0704,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800,CVE-2016-2842,CVE-2016-2842 Mon, 23 May 2016 14:04:56 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl Cisco Unified Computing System Central Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Computing%20System%20Central%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Central Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requests to the affected system via a web browser with the privileges of the user.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Central Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requests to the affected system via a web browser with the privileges of the user.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1401 Wed, 18 May 2016 19:42:52 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20HTTP%20POST%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process becoming unresponsive.<br /> <br /> The vulnerability is due to a lack of proper input validation of the packets that make up the HTTP POST request. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process becoming unresponsive and the WSA reloading.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <div><br /> </div> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process becoming unresponsive.<br /> <br /> The vulnerability is due to a lack of proper input validation of the packets that make up the HTTP POST request. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process becoming unresponsive and the WSA reloading.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <div><br /> </div> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1380 Wed, 18 May 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1 Cisco Web Security Appliance Connection Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20Connection%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Connection Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory.<br /> <br /> The vulnerability occurs because the software does not free client and server connection memory and system file descriptors when a certain HTTP response code is received in the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition because the appliance runs out of system memory. When this happens, the device can no longer accept new incoming connection requests.<br /> <br /> Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is also available.<br /> &nbsp;<br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Connection Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory.<br /> <br /> The vulnerability occurs because the software does not free client and server connection memory and system file descriptors when a certain HTTP response code is received in the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition because the appliance runs out of system memory. When this happens, the device can no longer accept new incoming connection requests.<br /> <br /> Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is also available.<br /> &nbsp;<br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1383 Wed, 18 May 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20HTTP%20Length%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts.<br /> <br /> The vulnerability occurs because the affected software does not properly allocate space for the HTTP header and any expected HTTP payload. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition when the proxy process unexpectedly reloads, which can cause traffic to be dropped.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> &nbsp;<br /> This advisory is available at the following link:<br /> <br /> &nbsp;<a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts.<br /> <br /> The vulnerability occurs because the affected software does not properly allocate space for the HTTP header and any expected HTTP payload. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition when the proxy process unexpectedly reloads, which can cause traffic to be dropped.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> &nbsp;<br /> This advisory is available at the following link:<br /> <br /> &nbsp;<a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1382 Wed, 18 May 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3 Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20Cached%20Range%20Request%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the cached file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance due to the appliance running out of system memory.<br /> <br /> The vulnerability is due to a failure to free memory when a file range for cached content is requested through the WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the affected device. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed.<br /> <br /> Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is also available.<br /> &nbsp;<br /> This advisory is available at the following link:<br /> <br /> &nbsp;<a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the cached file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance due to the appliance running out of system memory.<br /> <br /> The vulnerability is due to a failure to free memory when a file range for cached content is requested through the WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the affected device. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed.<br /> <br /> Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is also available.<br /> &nbsp;<br /> This advisory is available at the following link:<br /> <br /> &nbsp;<a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1381 Wed, 18 May 2016 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Software%20IKEv1%20and%20IKEv2%20Buffer%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. <br /> <br /> The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. <br /> <br /> The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1287 Wed, 18 May 2016 13:50:25 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20VPN%20Memory%20Block%20Exhaustion%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IPsec code of Cisco&nbsp;Adaptive Security Appliance&nbsp;(ASA) Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to an error in the implementation of ICMP error handling for IPsec packets. An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel. A successful exploit could allow the attacker to deplete available memory and cause system instability or cause the system to stop forwarding traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IPsec code of Cisco&nbsp;Adaptive Security Appliance&nbsp;(ASA) Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to an error in the implementation of ICMP error handling for IPsec packets. An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel. A successful exploit could allow the attacker to deplete available memory and cause system instability or cause the system to stop forwarding traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1379 Tue, 17 May 2016 14:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20XML%20Parser%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in XML parser code of Cisco Adaptive Security Appliance Software could allow an authenticated, remote attacker to cause system instability or a reload of the affected system.<br /> <br /> The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could exploit this vulnerability in multiple ways by utilizing a malicious file. An attacker with administrative privileges could exploit this by uploading a malicious XML file on the system and trigger the XML code to parse the malicious file. Additionally, an attacker with Clienteles SSL VPN access could exploit this vulnerability by sending a crafted XML file. An exploit would allow the attacker to crash the XML parser process, which could cause system instability, memory exhaustion, and in some cases lead to a reload of the affected system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in XML parser code of Cisco Adaptive Security Appliance Software could allow an authenticated, remote attacker to cause system instability or a reload of the affected system.<br /> <br /> The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could exploit this vulnerability in multiple ways by utilizing a malicious file. An attacker with administrative privileges could exploit this by uploading a malicious XML file on the system and trigger the XML code to parse the malicious file. Additionally, an attacker with Clienteles SSL VPN access could exploit this vulnerability by sending a crafted XML file. An exploit would allow the attacker to crash the XML parser process, which could cause system instability, memory exhaustion, and in some cases lead to a reload of the affected system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1385 Tue, 17 May 2016 00:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml Cisco Identity Services Engine Active Directory Integration Component Remote Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Identity%20Services%20Engine%20Active%20Directory%20Integration%20Component%20Remote%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Identity Services Engine Active Directory Integration Component Remote Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Active Directory integration component of Cisco Identity Service Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service attack.<br /> <br /> The vulnerability is due to improper handling of password authentication protocol (PAP) authentication requests when ISE is configured with an authorization policy based on Active Directory group membership. An attacker could exploit this vulnerability by crafting a special but formally correct PAP authentication request that will trigger the issue. An exploit could allow the attacker to cause the failures of all subsequent authentication requests for the same Active Directory domain.&nbsp;<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Identity Services Engine Active Directory Integration Component Remote Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Active Directory integration component of Cisco Identity Service Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service attack.<br /> <br /> The vulnerability is due to improper handling of password authentication protocol (PAP) authentication requests when ISE is configured with an authorization policy based on Active Directory group membership. An attacker could exploit this vulnerability by crafting a special but formally correct PAP authentication request that will trigger the issue. An exploit could allow the attacker to cause the failures of all subsequent authentication requests for the same Active Directory domain.&nbsp;<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1402 Tue, 17 May 2016 00:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Video%20Communication%20Server%20Session%20Initiation%20Protocol%20Packet%20Processing%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) implementation of the Cisco Video Communications Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to a malformed SIP header message. An attacker could exploit this vulnerability by manipulating the SIP URI. An exploit could allow the attacker to cause a disruption of service to the application.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) implementation of the Cisco Video Communications Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to a malformed SIP header message. An attacker could exploit this vulnerability by manipulating the SIP URI. An exploit could allow the attacker to cause a disruption of service to the application.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1400 Mon, 16 May 2016 00:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs