Cisco Security Advisory https://tools.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml en-us 1992-2010 Cisco Systems, Inc. All rights reserved. Cisco Security Advisory Cisco Systems, Inc. 15 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20January%20and%20February%202017&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017" border='0' height='0' width='0'></img>On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl">Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016</a>. OpenSSL classifies all the new vulnerabilities as &ldquo;Moderate Severity.&rdquo;<br /> <br /> The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL to crash when connecting to a malicious server. The third vulnerability affects only systems based on x86_64 architecture. A successful exploit of the third vulnerability could allow the attacker to access sensitive private key information.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package that is affected by one or more of these vulnerabilities. <br /> <br /> There are no Cisco products affected by the vulnerability identified by CVE ID CVE-2017-3730.<br /> <br /> On February 16, 2017, the OpenSSL Software Foundation released another security advisory that included one high severity vulnerability identified by CVE ID CVE-2017-3733. <br /> <br /> There are no Cisco products affected by this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017" border='0' height='0' width='0'></img>On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl">Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016</a>. OpenSSL classifies all the new vulnerabilities as &ldquo;Moderate Severity.&rdquo;<br /> <br /> The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL to crash when connecting to a malicious server. The third vulnerability affects only systems based on x86_64 architecture. A successful exploit of the third vulnerability could allow the attacker to access sensitive private key information.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package that is affected by one or more of these vulnerabilities. <br /> <br /> There are no Cisco products affected by the vulnerability identified by CVE ID CVE-2017-3730.<br /> <br /> On February 16, 2017, the OpenSSL Software Foundation released another security advisory that included one high severity vulnerability identified by CVE ID CVE-2017-3733. <br /> <br /> There are no Cisco products affected by this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3730,CVE-2017-3731,CVE-2017-3732,CVE-2017-3733 Thu, 23 Mar 2017 19:58:51 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Apache%20Struts2%20Jakarta%20Multipart%20Parser%20File%20Upload%20Code%20Execution%20Vulnerability%20Affecting%20Cisco%20Products&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products" border='0' height='0' width='0'></img><p>On March 6, 2017, Apache disclosed a vulnerability in the Jakarta Multipart parser used in Apache Struts2 that could allow an attacker to execute commands remotely on a targeted system by using a<em> </em>crafted <span class="more"><em>Content-Type</em>, <em>Content-Disposition</em>, or <em>Content-Length</em> value.<br /> </span></p> This vulnerability has been assigned CVE-ID CVE-2017-5638.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products" border='0' height='0' width='0'></img><p>On March 6, 2017, Apache disclosed a vulnerability in the Jakarta Multipart parser used in Apache Struts2 that could allow an attacker to execute commands remotely on a targeted system by using a<em> </em>crafted <span class="more"><em>Content-Type</em>, <em>Content-Disposition</em>, or <em>Content-Length</em> value.<br /> </span></p> This vulnerability has been assigned CVE-ID CVE-2017-5638.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-5638 Thu, 23 Mar 2017 17:25:24 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2 Cisco Application-Hosting Framework Directory Traversal Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application-Hosting%20Framework%20Directory%20Traversal%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application-Hosting Framework Directory Traversal Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework code of the Cisco&nbsp;application-hosting framework (CAF) component of the Cisco&nbsp;IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting crafted requests to the CAF web interface. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco&nbsp;IOx.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application-Hosting Framework Directory Traversal Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework code of the Cisco&nbsp;application-hosting framework (CAF) component of the Cisco&nbsp;IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting crafted requests to the CAF web interface. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco&nbsp;IOx.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf1</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3851 Wed, 22 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf1 Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XE%20Software%20for%20Cisco%20ASR%20920%20Series%20Routers%20Zero%20Touch%20Provisioning%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco&nbsp;ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload.</p> <p>The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service&nbsp;(DoS) condition.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco&nbsp;ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload.</p> <p>The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service&nbsp;(DoS) condition.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3859 Wed, 22 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp Cisco IOS XE Software HTTP Command Injection Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XE%20Software%20HTTP%20Command%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software HTTP Command Injection Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the web framework of Cisco&nbsp;IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with <em>root</em> privileges.</p> <p>The vulnerability is due to insufficient input validation of HTTP parameters supplied by the user. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected web page parameter. The user must be authenticated to access the affected parameter. A successful exploit could allow the attacker to execute commands with <em>root</em> privileges.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software HTTP Command Injection Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the web framework of Cisco&nbsp;IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with <em>root</em> privileges.</p> <p>The vulnerability is due to insufficient input validation of HTTP parameters supplied by the user. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected web page parameter. The user must be authenticated to access the affected parameter. A successful exploit could allow the attacker to execute commands with <em>root</em> privileges.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3858 Wed, 22 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci Cisco IOS XE Software Web User Interface Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XE%20Software%20Web%20User%20Interface%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software Web User Interface Denial of Service Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the web user interface of Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.</p> <p>The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service&nbsp;(DoS) condition.</p> <p>To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XE Software Web User Interface Denial of Service Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the web user interface of Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.</p> <p>The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service&nbsp;(DoS) condition.</p> <p>To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3856 Wed, 22 Mar 2017 16:00:00 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui Cisco IOS and IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20Layer%202%20Tunneling%20Protocol%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Layer 2 Tunneling Protocol&nbsp;(L2TP) parsing function of Cisco&nbsp;IOS and Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.<br /> <br /> The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service&nbsp;(DoS) condition. <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Layer 2 Tunneling Protocol&nbsp;(L2TP) parsing function of Cisco&nbsp;IOS and Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.<br /> <br /> The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service&nbsp;(DoS) condition. <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3857 Wed, 22 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp Cisco IOx Data in Motion Stack Overflow Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOx%20Data%20in%20Motion%20Stack%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOx Data in Motion Stack Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco&nbsp;IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with <em>root</em> privileges in the virtual instance running on an affected device.<br /> <br /> The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco&nbsp;IOx.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOx Data in Motion Stack Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco&nbsp;IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with <em>root</em> privileges in the virtual instance running on an affected device.<br /> <br /> The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco&nbsp;IOx.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-3853 Wed, 22 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20DHCP%20Client%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the DHCP client implementation of Cisco&nbsp;IOS and Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.</p> <p>The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability" border='0' height='0' width='0'></img><p>A vulnerability in the DHCP client implementation of Cisco&nbsp;IOS and Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.</p> <p>The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition.</p> <p>Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p> <p>This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc</a></p> <p>This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see <a href="http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851">Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</a>.</p> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3864 Wed, 22 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc Cisco Application-Hosting Framework Arbitrary File Creation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application-Hosting%20Framework%20Arbitrary%20File%20Creation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application-Hosting Framework Arbitrary File Creation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco&nbsp;IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device.<br /> <br /> The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco&nbsp;IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco&nbsp;IOx.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application-Hosting Framework Arbitrary File Creation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco&nbsp;IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device.<br /> <br /> The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco&nbsp;IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco&nbsp;IOx.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3852 Wed, 22 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2 Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20Autonomic%20Networking%20Infrastructure%20Registrar%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco&nbsp;IOS Software and Cisco&nbsp;IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics:<br /> <ul> <li>Running a Cisco&nbsp;IOS Software or Cisco&nbsp;IOS XE Software release that supports the ANI feature</li> <li>Configured as an autonomic registrar</li> <li>Has a whitelist configured</li> </ul> <br /> An exploit could allow the attacker to cause the affected device to reload.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani</a><br /> <br /> <strong>Note:</strong> Also see the companion advisory for affected devices that support Autonomic Networking: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6">Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability</a>. <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco&nbsp;IOS Software and Cisco&nbsp;IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics:<br /> <ul> <li>Running a Cisco&nbsp;IOS Software or Cisco&nbsp;IOS XE Software release that supports the ANI feature</li> <li>Configured as an autonomic registrar</li> <li>Has a whitelist configured</li> </ul> <br /> An exploit could allow the attacker to cause the affected device to reload.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani</a><br /> <br /> <strong>Note:</strong> Also see the companion advisory for affected devices that support Autonomic Networking: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6">Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability</a>. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3849 Mon, 20 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20IPv6%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco&nbsp;IOS Software and Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco&nbsp;IOS Software or Cisco&nbsp;IOS XE Software release that supports the ANI feature.<br /> <br /> A device must meet two conditions to be affected by this vulnerability:<br /> <ul> <li>The device must be running a version of Cisco&nbsp;IOS Software or Cisco&nbsp;IOS XE Software that <em>supports </em>ANI (regardless of whether ANI is configured)</li> <li>The device must have a reachable IPv6 interface</li> </ul> <br /> An exploit could allow the attacker to cause the affected device to reload.<br /> <br /> Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6</a><br /> <br /> <strong>Note:</strong> Also see the companion advisory for affected devices that are configured as an autonomic registrar: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani">Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability</a>. <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco&nbsp;IOS Software and Cisco&nbsp;IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco&nbsp;IOS Software or Cisco&nbsp;IOS XE Software release that supports the ANI feature.<br /> <br /> A device must meet two conditions to be affected by this vulnerability:<br /> <ul> <li>The device must be running a version of Cisco&nbsp;IOS Software or Cisco&nbsp;IOS XE Software that <em>supports </em>ANI (regardless of whether ANI is configured)</li> <li>The device must have a reachable IPv6 interface</li> </ul> <br /> An exploit could allow the attacker to cause the affected device to reload.<br /> <br /> Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6</a><br /> <br /> <strong>Note:</strong> Also see the companion advisory for affected devices that are configured as an autonomic registrar: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani">Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability</a>. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3850 Mon, 20 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6 Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20Cluster%20Management%20Protocol%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.<br /> <br /> The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors:<br /> <ul> <li> The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and</li> <li>The incorrect processing of malformed CMP-specific Telnet options. </li> </ul> An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.<br /> <br /> Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.<br /> <br /> The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors:<br /> <ul> <li> The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and</li> <li>The incorrect processing of malformed CMP-specific Telnet options. </li> </ul> An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.<br /> <br /> Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-3881 Fri, 17 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Mobility%20Express%201800%20Access%20Point%20Series%20Authentication%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of Cisco Mobility&nbsp;Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges.<br /> <br /> The vulnerability is due to improper implementation of authentication for accessing&nbsp;certain web pages using the GUI interface. An attacker could exploit this vulnerability&nbsp;by sending a crafted HTTP request to the web interface of the affected system. A successful&nbsp;exploit could allow the attacker to bypass authentication and perform unauthorized configuration&nbsp;changes or issue control commands to the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of Cisco Mobility&nbsp;Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges.<br /> <br /> The vulnerability is due to improper implementation of authentication for accessing&nbsp;certain web pages using the GUI interface. An attacker could exploit this vulnerability&nbsp;by sending a crafted HTTP request to the web interface of the affected system. A successful&nbsp;exploit could allow the attacker to bypass authentication and perform unauthorized configuration&nbsp;changes or issue control commands to the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-3831 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 Cisco Web Security Appliance URL Filtering Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20URL%20Filtering%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance URL Filtering Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule.<br /> <br /> The vulnerability is due to incomplete validation of the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to bypass a configured URL filter.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance URL Filtering Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule.<br /> <br /> The vulnerability is due to incomplete validation of the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to bypass a configured URL filter.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3870 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa Cisco WebEx Meetings Server XML External Entity Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20WebEx%20Meetings%20Server%20XML%20External%20Entity%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server XML External Entity Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have <em>read</em> access to part of the information stored in the affected system.<br /> <br /> The vulnerability is due to improper handling of an XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by sending a crafted XML file to the affected system. A successful exploit could allow the attacker to have <em>read</em> access to part of the information stored in the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server XML External Entity Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have <em>read</em> access to part of the information stored in the affected system.<br /> <br /> The vulnerability is due to improper handling of an XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by sending a crafted XML file to the affected system. A successful exploit could allow the attacker to have <em>read</em> access to part of the information stored in the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3811 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms Cisco Meshed Wireless LAN Controller Impersonation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Meshed%20Wireless%20LAN%20Controller%20Impersonation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Meshed Wireless LAN Controller Impersonation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology.<br /> <br /> The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system.<br /> <br /> Cisco has released software updates that address this vulnerability. Note that additional configuration is needed in addition to upgrading to a fixed release. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Meshed Wireless LAN Controller Impersonation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology.<br /> <br /> The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system.<br /> <br /> Cisco has released software updates that address this vulnerability. Note that additional configuration is needed in addition to upgrading to a fixed release. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3854 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh Cisco WebEx Meetings Server Authentication Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20WebEx%20Meetings%20Server%20Authentication%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server.<br /> <br /> The vulnerability is due to the presence of deprecated code within the Cisco WebEx Meetings Server. An attacker could exploit this vulnerability by spoofing a legitimate user. An exploit could allow the attacker to view limited meeting information for that user contained on the server.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server.<br /> <br /> The vulnerability is due to the presence of deprecated code within the Cisco WebEx Meetings Server. An attacker could exploit this vulnerability by spoofing a legitimate user. An exploit could allow the attacker to view limited meeting information for that user contained on the server.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3880 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex Cisco UCS Director Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20UCS%20Director%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS Director Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS Director Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3868 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco&nbsp;Unified Communications Manager&nbsp;(CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery&nbsp;(CSRF) attack against a user of the web interface of the affected software.<br /> <br /> The vulnerability is due to insufficient CSRF protections implemented by the affected software. An attacker could exploit this vulnerability by persuading a user of the web interface to follow a malicious link. A successful exploit could allow the attacker to submit arbitrary requests to the affected software via the user's web browser and with the user's privileges.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco&nbsp;Unified Communications Manager&nbsp;(CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery&nbsp;(CSRF) attack against a user of the web interface of the affected software.<br /> <br /> The vulnerability is due to insufficient CSRF protections implemented by the affected software. An attacker could exploit this vulnerability by persuading a user of the web interface to follow a malicious link. A successful exploit could allow the attacker to submit arbitrary requests to the affected software via the user's web browser and with the user's privileges.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3877 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2 Cisco Unified Communications Manager Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco&nbsp;Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the Cisco Unified CM User Options portal of the affected software. An attacker could exploit this vulnerability by persuading an authenticated user of the portal to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary code in the context of the portal.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco&nbsp;Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the Cisco Unified CM User Options portal of the affected software. An attacker could exploit this vulnerability by persuading an authenticated user of the portal to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary code in the context of the portal.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3874 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1 Cisco Unified Communications Manager Web Interface Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Web%20Interface%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Web Interface Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device.<br /> <br /> The vulnerability is due to a failure to properly call XSS filter subsystems when a URL contains a certain parameter. An attacker who can persuade an authenticated user of an affected device to follow an attacker-provided link or visit an attacker-controlled website could exploit this vulnerability to execute arbitrary code in the context of the affected site in the user's browser.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Web Interface Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device.<br /> <br /> The vulnerability is due to a failure to properly call XSS filter subsystems when a URL contains a certain parameter. An attacker who can persuade an authenticated user of an affected device to follow an attacker-provided link or visit an attacker-controlled website could exploit this vulnerability to execute arbitrary code in the context of the affected site in the user's browser.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3872 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm Cisco TelePresence Server API Privilege Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Server%20API%20Privilege%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server API Privilege Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco&nbsp;TelePresence Server endpoints.<br /> <br /> The vulnerability is due to how session identification information is maintained by a specific API of the affected software. An attacker could exploit this vulnerability by snooping temporary, unencrypted keys on an affected system. A successful exploit could allow the attacker to emulate a Cisco&nbsp;TelePresence Server endpoint.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server API Privilege Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco&nbsp;TelePresence Server endpoints.<br /> <br /> The vulnerability is due to how session identification information is maintained by a specific API of the affected software. An attacker could exploit this vulnerability by snooping temporary, unencrypted keys on an affected system. A successful exploit could allow the attacker to emulate a Cisco&nbsp;TelePresence Server endpoint.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3815 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps Cisco Workload Automation and Tidal Enterprise Scheduler Client Manager Server Arbitrary File Read Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Workload%20Automation%20and%20Tidal%20Enterprise%20Scheduler%20Client%20Manager%20Server%20Arbitrary%20File%20Read%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Workload Automation and Tidal Enterprise Scheduler Client Manager Server Arbitrary File Read Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted URL to the Client Manager Server. An exploit could allow the attacker to retrieve any file from the Cisco Workload Automation or Cisco Tidal Enterprise Scheduler Client Manager Server.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Workload Automation and Tidal Enterprise Scheduler Client Manager Server Arbitrary File Read Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted URL to the Client Manager Server. An exploit could allow the attacker to retrieve any file from the Cisco Workload Automation or Cisco Tidal Enterprise Scheduler Client Manager Server.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3846 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes Cisco Prime Service Catalog Multiple Cross-Site Scripting Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Service%20Catalog%20Multiple%20Cross-Site%20Scripting%20Vulnerabilities&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Service Catalog Multiple Cross-Site Scripting Vulnerabilities" border='0' height='0' width='0'></img>A vulnerability in the web framework code of the Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Service Catalog Multiple Cross-Site Scripting Vulnerabilities" border='0' height='0' width='0'></img>A vulnerability in the web framework code of the Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3866 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc Cisco Nexus 9000 Series Switches Remote Login Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20Switches%20Remote%20Login%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 9000 Series Switches Remote Login Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. The attacker could use either a Telnet or an SSH client for the remote login attempt.<br /> <br /> The vulnerability is due to improper handling of failed authentication during login. An attacker could exploit this vulnerability by attempting to log in remotely to the device. An exploit could allow the attacker to cause a login process to terminate unexpectedly.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 9000 Series Switches Remote Login Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. The attacker could use either a Telnet or an SSH client for the remote login attempt.<br /> <br /> The vulnerability is due to improper handling of failed authentication during login. An attacker could exploit this vulnerability by attempting to log in remotely to the device. An exploit could allow the attacker to cause a login process to terminate unexpectedly.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3879 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1 Cisco Nexus 9000 Series Switches Telnet Login Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20Switches%20Telnet%20Login%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 9000 Series Switches Telnet Login Denial of Service Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the Telnet remote login functionality of Cisco&nbsp;NX-OS Software running on Cisco&nbsp;Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device.<br /> <br /> The vulnerability is due to incomplete input validation of Telnet packet headers. An attacker could exploit this vulnerability by sending a crafted Telnet packet to an affected system during a remote Telnet login attempt. A successful exploit could allow the attacker to cause the Telnet process on the affected system to restart unexpectedly, resulting in a denial of service (DoS) condition for the Telnet process.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 9000 Series Switches Telnet Login Denial of Service Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the Telnet remote login functionality of Cisco&nbsp;NX-OS Software running on Cisco&nbsp;Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device.<br /> <br /> The vulnerability is due to incomplete input validation of Telnet packet headers. An attacker could exploit this vulnerability by sending a crafted Telnet packet to an affected system during a remote Telnet login attempt. A successful exploit could allow the attacker to cause the Telnet process on the affected system to restart unexpectedly, resulting in a denial of service (DoS) condition for the Telnet process.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3878 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss Cisco Prime Optical for Service Providers RADIUS Secret Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Optical%20for%20Service%20Providers%20RADIUS%20Secret%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Optical for Service Providers RADIUS Secret Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclosure sensitive information in the configuration generated for a device. The attacker must have valid credentials for the device.<br /> <br /> The vulnerability occurs because sensitive information is not obscured in the generated configuration files. An attacker could exploit this vulnerability by authenticating to the application and using the network management interface to generate configuration files. An exploit could allow the attacker to reveal sensitive information in the device configuration.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Optical for Service Providers RADIUS Secret Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclosure sensitive information in the configuration generated for a device. The attacker must have valid credentials for the device.<br /> <br /> The vulnerability occurs because sensitive information is not obscured in the generated configuration files. An attacker could exploit this vulnerability by authenticating to the application and using the network management interface to generate configuration files. An exploit could allow the attacker to reveal sensitive information in the device configuration.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3871 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo Cisco Prime Infrastructure API Credentials Management Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Infrastructure%20API%20Credentials%20Management%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure API Credentials Management Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. The attacker needs to have valid credentials.<br /> <br /> The vulnerability is due to a lack of proper role-based access control (RBAC) for certain APIs in the application. An attacker could exploit this vulnerability by authenticating to specific APIs as a low-privileged user. An exploit could allow the attacker to view or modify system configuration information. The API usage should be restricted based on the user's privilege level.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure API Credentials Management Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. The attacker needs to have valid credentials.<br /> <br /> The vulnerability is due to a lack of proper role-based access control (RBAC) for certain APIs in the application. An attacker could exploit this vulnerability by authenticating to specific APIs as a low-privileged user. An exploit could allow the attacker to view or modify system configuration information. The API usage should be restricted based on the user's privilege level.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3869 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi Cisco Nexus 7000 Series Switches Access-Control Filtering Mechanisms Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%207000%20Series%20Switches%20Access-Control%20Filtering%20Mechanisms%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 7000 Series Switches Access-Control Filtering Mechanisms Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. <br /> <br /> The vulnerability is due to the device failing to inspect specific traffic when other ACL checking mechanisms are in place. An attacker could exploit this vulnerability by issuing crafted commands for which a particular ACL would not match defined traffic. An exploit could allow the attacker to bypass certain rulesets defined on a Network Time Protocol (NTP) ACL.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 7000 Series Switches Access-Control Filtering Mechanisms Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. <br /> <br /> The vulnerability is due to the device failing to inspect specific traffic when other ACL checking mechanisms are in place. An attacker could exploit this vulnerability by issuing crafted commands for which a particular ACL would not match defined traffic. An exploit could allow the attacker to bypass certain rulesets defined on a Network Time Protocol (NTP) ACL.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3875 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns Cisco StarOS SSH Privilege Escalation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20StarOS%20SSH%20Privilege%20Escalation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco StarOS SSH Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access.<br /> <br /> The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain <em>root </em>privileges access on the router.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco StarOS SSH Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access.<br /> <br /> The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain <em>root </em>privileges access on the router.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3819 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr Cisco Adaptive Security Appliance BGP Bidirectional Forwarding Detection ACL Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20BGP%20Bidirectional%20Forwarding%20Detection%20ACL%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance BGP Bidirectional Forwarding Detection ACL Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic.<br /> <br /> The vulnerability occurs because the BFD implementation incorrectly allows traffic with destination ports 3784 and 3785 through the interface ACLs. An attacker could exploit this vulnerability by sending TCP or UDP packets with a destination port of 3784 or 3785 through the ASA.<br /> <br /> Workarounds that address this vulnerability are available. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance BGP Bidirectional Forwarding Detection ACL Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic.<br /> <br /> The vulnerability occurs because the BFD implementation incorrectly allows traffic with destination ports 3784 and 3785 through the interface ACLs. An attacker could exploit this vulnerability by sending TCP or UDP packets with a destination port of 3784 or 3785 through the ASA.<br /> <br /> Workarounds that address this vulnerability are available. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3867 Wed, 15 Mar 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20for%20Catalyst%202960X%20and%203750X%20Switches%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper processing of IPv6 Neighbor Discovery (ND) packets. An attacker could exploit this vulnerability by sending a number of IPv6 ND packets to be processed by an affected device. An exploit could allow the attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial DoS service condition.<br /> <br /> Workarounds that address this vulnerability are available. <br /> <br /> This advisory is available at the following link: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper processing of IPv6 Neighbor Discovery (ND) packets. An attacker could exploit this vulnerability by sending a number of IPv6 ND packets to be processed by an affected device. An exploit could allow the attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial DoS service condition.<br /> <br /> Workarounds that address this vulnerability are available. <br /> <br /> This advisory is available at the following link: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3803 Fri, 03 Mar 2017 14:08:22 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst Cisco Secure Access Control System Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Secure%20Access%20Control%20System%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information.<br /> <br /> The vulnerability is due to the inclusion of sensitive information in a server response when certain pages of the web interface are accessed. An unauthenticated attacker with the ability to view configuration parameters could disclose passwords and other sensitive information about the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information.<br /> <br /> The vulnerability is due to the inclusion of sensitive information in a server response when certain pages of the web interface are accessed. An unauthenticated attacker with the ability to view configuration parameters could disclose passwords and other sensitive information about the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3841 Fri, 03 Mar 2017 00:03:58 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3 Cisco Secure Access Control System Open Redirect Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Secure%20Access%20Control%20System%20Open%20Redirect%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System Open Redirect Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.<br /> &nbsp;<br /> The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by crafting an HTTP request that could cause the web application to redirect the request to a specific malicious URL. This vulnerability is known as an <em>open redirect attack</em> and is used in phishing attacks to get users to visit malicious sites without their knowledge.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System Open Redirect Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.<br /> &nbsp;<br /> The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by crafting an HTTP request that could cause the web application to redirect the request to a specific malicious URL. This vulnerability is known as an <em>open redirect attack</em> and is used in phishing attacks to get users to visit malicious sites without their knowledge.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3840 Fri, 03 Mar 2017 00:03:56 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2 Cisco Secure Access Control System XML External Entity Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Secure%20Access%20Control%20System%20XML%20External%20Entity%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System XML External Entity Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to have <em>read </em>access to part of the information stored in the affected system.<br /> <br /> The vulnerability is due to improper handling of the XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by submitting a crafted XML header to the affected device web framework.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System XML External Entity Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to have <em>read </em>access to part of the information stored in the affected system.<br /> <br /> The vulnerability is due to improper handling of the XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by submitting a crafted XML header to the affected device web framework.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3839 Thu, 02 Mar 2017 23:55:34 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1 Cisco Secure Access Control System Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Secure%20Access%20Control%20System%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker may be able to exploit this vulnerability by intercepting the user packets and injecting malicious code.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Secure Access Control System Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker may be able to exploit this vulnerability by intercepting the user packets and injecting malicious code.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3838 Thu, 02 Mar 2017 23:20:28 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs Cisco Email Security Appliance SMTP Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Email%20Security%20Appliance%20SMTP%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Email Security Appliance SMTP Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches and Content Security Management Appliance&nbsp;(SMA) could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin <a href="http://www.cisco.com/en/US/products/cmb/cisco-amb-20060922-understanding-xss.html">Understanding Cross-Site Scripting (XSS) Threat Vectors</a> and the OWASP reference page <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">Cross-site Scripting (XSS)</a>.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Email Security Appliance SMTP Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches and Content Security Management Appliance&nbsp;(SMA) could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin <a href="http://www.cisco.com/en/US/products/cmb/cisco-amb-20060922-understanding-xss.html">Understanding Cross-Site Scripting (XSS) Threat Vectors</a> and the OWASP reference page <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">Cross-site Scripting (XSS)</a>.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-9202 Thu, 02 Mar 2017 20:42:36 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1 Cisco Prime Infrastructure Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-cpi?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Infrastructure%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-cpi">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-cpi</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-cpi">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-cpi</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3848 Wed, 01 Mar 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-cpi Cisco NetFlow Generation Appliance Stream Control Transmission Protocol Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20NetFlow%20Generation%20Appliance%20Stream%20Control%20Transmission%20Protocol%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco NetFlow Generation Appliance Stream Control Transmission Protocol Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. <br /> <br /> The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the <strong>reboot</strong> command from the CLI.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco NetFlow Generation Appliance Stream Control Transmission Protocol Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. <br /> <br /> The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the <strong>reboot</strong> command from the CLI.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3826 Wed, 01 Mar 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga Cisco AsyncOS Software for Cisco ESA and Cisco WSA Filtering Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20AsyncOS%20Software%20for%20Cisco%20ESA%20and%20Cisco%20WSA%20Filtering%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco AsyncOS Software for Cisco ESA and Cisco WSA Filtering Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.<br /> <br /> The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass user filters configured to prevent executable files from being opened. The malformed MIME headers may not be RFC compliant but some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco AsyncOS Software for Cisco ESA and Cisco WSA Filtering Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.<br /> <br /> The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass user filters configured to prevent executable files from being opened. The malformed MIME headers may not be RFC compliant but some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3827 Tue, 28 Feb 2017 00:10:24 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Clientless%20SSL%20VPN%20CIFS%20Heap%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow.<br /> <br /> The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code.<br /> <strong><br /> Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow.<br /> <br /> The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code.<br /> <strong><br /> Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3807 Fri, 17 Feb 2017 22:22:51 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa Cisco Unified Communications Manager Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data.<br /> <br /> The vulnerability is due to insufficient protection of sensitive files. An attacker could exploit this vulnerability by modifying parameters of a specific URL. An exploit could allow the attacker to view configuration information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data.<br /> <br /> The vulnerability is due to insufficient protection of sensitive files. An attacker could exploit this vulnerability by modifying parameters of a specific URL. An exploit could allow the attacker to view configuration information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3836 Fri, 17 Feb 2017 21:13:20 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3 Cisco Meeting Server API Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Meeting%20Server%20API%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Meeting Server API Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance.<br /> <br /> The vulnerability is due to invalid data being received on a specific port. An attacker could exploit this vulnerability by sending crafted packets to a specific port on the device. Successful exploitation could cause the CMS to crash.<br /> <br /> There are workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Meeting Server API Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance.<br /> <br /> The vulnerability is due to invalid data being received on a specific port. An attacker could exploit this vulnerability by sending crafted packets to a specific port on the device. Successful exploitation could cause the CMS to crash.<br /> <br /> There are workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3830 Wed, 15 Feb 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms Cisco Intrusion Prevention System Device Manager Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Intrusion%20Prevention%20System%20Device%20Manager%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Intrusion Prevention System Device Manager Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments.<br /> &nbsp;<br /> The vulnerability is due to improper masking of sensitive data in certain HTML comments. An attacker could exploit this vulnerability by navigating to certain configuration screens. An exploit could allow the attacker to discover sensitive data that should be restricted and could be used to conduct further attacks.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Intrusion Prevention System Device Manager Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments.<br /> &nbsp;<br /> The vulnerability is due to improper masking of sensitive data in certain HTML comments. An attacker could exploit this vulnerability by navigating to certain configuration screens. An exploit could allow the attacker to discover sensitive data that should be restricted and could be used to conduct further attacks.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3842 Wed, 15 Feb 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm Cisco Firepower Management Center Web Framework Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Management%20Center%20Web%20Framework%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.<br /> <br /> The vulnerability occurs because the affected software fails to perform sufficient validation and sanitization of user-supplied input when processing crafted URLs. An authenticated, remote attacker could exploit the vulnerability by convincing a user to follow a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.<br /> <br /> The vulnerability occurs because the affected software fails to perform sufficient validation and sanitization of user-supplied input when processing crafted URLs. An authenticated, remote attacker could exploit the vulnerability by convincing a user to follow a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3847 Wed, 15 Feb 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc Cisco Unified Communications Manager Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. <br /> <br /> Additional information about XSS attacks and potential mitigations can be found at:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss">https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss</a><br /> <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)</a><br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. <br /> <br /> Additional information about XSS attacks and potential mitigations can be found at:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss">https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss</a><br /> <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)</a><br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3829 Wed, 15 Feb 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2 Cisco Unified Communications Manager Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> Additional information about XSS attacks and potential mitigations can be found at:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss">https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss</a><br /> <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)</a><br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> Additional information about XSS attacks and potential mitigations can be found at:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss">https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss</a><br /> <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)</a><br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3828 Wed, 15 Feb 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1 Cisco Unified Communications Manager Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.<br /> <br /> The vulnerability is due to improper sanitization or encoding of user-supplied data by the serviceability page of an affected version of Cisco Unified Communications Manager. An attacker could exploit this vulnerability by persuading a targeted user to follow a malicious link. An exploit could allow the attacker to conduct a reflected XSS attack.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.<br /> <br /> The vulnerability is due to improper sanitization or encoding of user-supplied data by the serviceability page of an affected version of Cisco Unified Communications Manager. An attacker could exploit this vulnerability by persuading a targeted user to follow a malicious link. An exploit could allow the attacker to conduct a reflected XSS attack.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3821 Wed, 15 Feb 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm Cisco Meeting Server HTTP Packet Processing Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Meeting%20Server%20HTTP%20Packet%20Processing%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Meeting Server HTTP Packet Processing Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. In addition, the attacker could potentially cause the application to crash unexpectedly, resulting in a denial of service (DoS) condition. The attacker would need to be authenticated and have a valid session with the Web Bridge.<br /> <br /> The vulnerability is due to insufficient input validation of an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP packet to a targeted application. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information or cause a DoS condition.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Meeting Server HTTP Packet Processing Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. In addition, the attacker could potentially cause the application to crash unexpectedly, resulting in a denial of service (DoS) condition. The attacker would need to be authenticated and have a valid session with the Web Bridge.<br /> <br /> The vulnerability is due to insufficient input validation of an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP packet to a targeted application. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information or cause a DoS condition.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3837 Wed, 15 Feb 2017 16:00:00 CST https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1