Cisco Security Advisory https://tools.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml en-us 1992-2010 Cisco Systems, Inc. All rights reserved. Cisco Security Advisory Cisco Systems, Inc. 15 Cisco Firepower Management Center Web Interface Code Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Management%20Center%20Web%20Interface%20Code%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Web Interface Code Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to modify a page in the web interface.<br /> &nbsp;<br /> The vulnerability is due to improper sanitization of some parameter values. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the injected code.<br /> <br /> Cisco has not released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Management Center Web Interface Code Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to modify a page in the web interface.<br /> &nbsp;<br /> The vulnerability is due to improper sanitization of some parameter values. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the injected code.<br /> <br /> Cisco has not released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1413 Fri, 27 May 2016 19:01:44 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Products%20IPv6%20Neighbor%20Discovery%20Crafted%20Packet%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco&nbsp;IOS XR Software, Cisco&nbsp;IOS XE Software, and Cisco&nbsp;NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device.<br /> <br /> The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.<br /> <br /> Cisco will release software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco&nbsp;IOS XR Software, Cisco&nbsp;IOS XE Software, and Cisco&nbsp;NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device.<br /> <br /> The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.<br /> <br /> Cisco will release software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1409 Thu, 26 May 2016 15:00:50 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 Cisco WebEx Meeting Center Site Access Control User Account Enumeration Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20WebEx%20Meeting%20Center%20Site%20Access%20Control%20User%20Account%20Enumeration%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meeting Center Site Access Control User Account Enumeration Vulnerability" border='0' height='0' width='0'></img>A vulnerability in site access control functionality of Cisco&nbsp;WebEx Meeting Center could allow an unauthenticated, remote attacker to enumerate valid user accounts.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by attending or hosting certain meeting types.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meeting Center Site Access Control User Account Enumeration Vulnerability" border='0' height='0' width='0'></img>A vulnerability in site access control functionality of Cisco&nbsp;WebEx Meeting Center could allow an unauthenticated, remote attacker to enumerate valid user accounts.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by attending or hosting certain meeting types.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1410 Thu, 26 May 2016 14:30:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc Cisco UCS Invicta Software Default GPG Key Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20UCS%20Invicta%20Software%20Default%20GPG%20Key%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS Invicta Software Default GPG Key Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;UCS Invicta Software could allow an unauthenticated, remote attacker to access some encrypted information, if the attacker can intercept communication between an affected system and a Cisco&nbsp;UCS Invicta Autosupport server.<br /> <br /> The vulnerability is due to the presence of a default, static encryption key in the affected software. The key is used to encrypt some of the information that is exchanged between an affected device and the Autosupport server. An attacker could exploit this vulnerability by intercepting communication between an affected device and the Autosupport server and using the key to decrypt some of the information communicated between them.<br /> <br /> Cisco has not released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS Invicta Software Default GPG Key Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;UCS Invicta Software could allow an unauthenticated, remote attacker to access some encrypted information, if the attacker can intercept communication between an affected system and a Cisco&nbsp;UCS Invicta Autosupport server.<br /> <br /> The vulnerability is due to the presence of a default, static encryption key in the affected software. The key is used to encrypt some of the information that is exchanged between an affected device and the Autosupport server. An attacker could exploit this vulnerability by intercepting communication between an affected device and the Autosupport server and using the key to decrypt some of the information communicated between them.<br /> <br /> Cisco has not released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1404 Tue, 24 May 2016 08:30:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160524-ucs-inv Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Infrastructure%20and%20Cisco%20Evolved%20Programmable%20Network%20Manager%20JSON%20Privilege%20Escalation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the application programming interface (API) web interface of the Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to perform privilege escalation on the affected device. The attacker can escalate privileges to the <em>root </em>level in most cases.<br /> &nbsp;<br /> The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests a web page or service that should be restricted. An attacker could exploit this vulnerability by performing reconnaissance attacks to the application web pages and services to identify potential devices of interest. 
The attacker could then craft an HTTP request with a crafted JavaScript Object Notation (JSON) payload to request the targeted sensitive data. An exploit could allow the attacker to perform privilege escalation on the applications to the <em>root</em> level and access unauthorized data.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the application programming interface (API) web interface of the Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to perform privilege escalation on the affected device. The attacker can escalate privileges to the <em>root </em>level in most cases.<br /> &nbsp;<br /> The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests a web page or service that should be restricted. An attacker could exploit this vulnerability by performing reconnaissance attacks to the application web pages and services to identify potential devices of interest. The attacker could then craft an HTTP request with a crafted JavaScript Object Notation (JSON) payload to request the targeted sensitive data. 
An exploit could allow the attacker to perform privilege escalation on the applications to the <em>root</em> level and access unauthorized data.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1406 Mon, 23 May 2016 21:20:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160523-pi-epnm Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20March%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016" border='0' height='0' width='0'></img>On March 1, 2016, the OpenSSL Software Foundation released a security advisory detailing seven vulnerabilities and a new attack, referred to as the <em>Decrypting RSA with Obsolete and Weakened eNcryption (DROWN)</em> attack. A total of eight Common Vulnerabilities and Exposures (CVEs) were assigned. Of the eight CVEs, three relate to the DROWN attack. The remaining CVEs track low severity vulnerabilities.<br /> <br /> DROWN is a cross-protocol attack that actively exploits weaknesses in SSL Version 2 (SSLv2) to decrypt passively collected Transport Layer Security (TLS) sessions. 
DROWN does not exploit a vulnerability in the TLS protocol or any specific implementation of the protocol.<br /> <br /> To execute a successful DROWN attack, the attacker must identify a server that supports both SSLv2 and TLS, and uses the same RSA key pair for both protocols. The attacker must also be able to collect TLS traffic for the server. <br /> <br /> This advisory will be updated as additional information becomes available. <br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016" border='0' height='0' width='0'></img>On March 1, 2016, the OpenSSL Software Foundation released a security advisory detailing seven vulnerabilities and a new attack, referred to as the <em>Decrypting RSA with Obsolete and Weakened eNcryption (DROWN)</em> attack. A total of eight Common Vulnerabilities and Exposures (CVEs) were assigned. Of the eight CVEs, three relate to the DROWN attack. The remaining CVEs track low severity vulnerabilities.<br /> <br /> DROWN is a cross-protocol attack that actively exploits weaknesses in SSL Version 2 (SSLv2) to decrypt passively collected Transport Layer Security (TLS) sessions. DROWN does not exploit a vulnerability in the TLS protocol or any specific implementation of the protocol.<br /> <br /> To execute a successful DROWN attack, the attacker must identify a server that supports both SSLv2 and TLS, and uses the same RSA key pair for both protocols. The attacker must also be able to collect TLS traffic for the server. <br /> <br /> This advisory will be updated as additional information becomes available. 
<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-0702,CVE-2016-0703,CVE-2016-0704,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800,CVE-2016-2842,CVE-2016-2842 Mon, 23 May 2016 14:04:56 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl Cisco IOS XR LPTS Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20LPTS%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR LPTS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Local Packet Transport Services (LPTS) network stack of Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a limited denial of service (DoS) condition on an affected platform.<br /> &nbsp;<br /> The vulnerability is due to improper handling of flow base entries by LPTS. This can cause too many known entries for a protocol to be created, causing existing or new sessions to be dropped. An attacker could exploit this vulnerability by sending continuous connection attempts to the open TCP ports to cause an exhaustion of services. An exploit could allow the attacker to cause a limited DoS condition on an affected platform.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR LPTS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Local Packet Transport Services (LPTS) network stack of Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a limited denial of service (DoS) condition on an affected platform.<br /> &nbsp;<br /> The vulnerability is due to improper handling of flow base entries by LPTS. This can cause too many known entries for a protocol to be created, causing existing or new sessions to be dropped. An attacker could exploit this vulnerability by sending continuous connection attempts to the open TCP ports to cause an exhaustion of services. An exploit could allow the attacker to cause a limited DoS condition on an affected platform.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1407 Fri, 20 May 2016 17:58:45 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr Cisco Unified Computing System Central Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Computing%20System%20Central%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Central Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requests to the affected system via a web browser with the privileges of the user.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Central Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requests to the affected system via a web browser with the privileges of the user.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1401 Wed, 18 May 2016 19:42:52 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20HTTP%20POST%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process becoming unresponsive.<br /> <br /> The vulnerability is due to a lack of proper input validation of the packets that make up the HTTP POST request. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process becoming unresponsive and the WSA reloading.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <div><br /> </div> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process becoming unresponsive.<br /> <br /> The vulnerability is due to a lack of proper input validation of the packets that make up the HTTP POST request. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process becoming unresponsive and the WSA reloading.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <div><br /> </div> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1380 Wed, 18 May 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1 Cisco Web Security Appliance Connection Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20Connection%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Connection Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory.<br /> <br /> The vulnerability occurs because the software does not free client and server connection memory and system file descriptors when a certain HTTP response code is received in the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition because the appliance runs out of system memory. When this happens, the device can no longer accept new incoming connection requests.<br /> <br /> Cisco has released software updates that address this vulnerability. 
A workaround that addresses this vulnerability is also available.<br /> &nbsp;<br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Connection Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory.<br /> <br /> The vulnerability occurs because the software does not free client and server connection memory and system file descriptors when a certain HTTP response code is received in the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition because the appliance runs out of system memory. When this happens, the device can no longer accept new incoming connection requests.<br /> <br /> Cisco has released software updates that address this vulnerability. 
A workaround that addresses this vulnerability is also available.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1383 <br/>Published: Wed, 18 May 2016 16:00:00 PDT<br /> <br /> <strong>Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability</strong><br /> <br /> A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts.<br /> <br /> The vulnerability occurs because the affected software does not properly allocate space for the HTTP header and any expected HTTP payload. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition when the proxy process unexpectedly reloads, which can cause traffic to be dropped.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1382 <br/>Published: Wed, 18 May 2016 16:00:00 PDT<br /> <br /> <strong>Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability</strong><br /> <br /> A vulnerability in the cached file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance due to the appliance running out of system memory.<br /> <br /> The vulnerability is due to a failure to free memory when a file range for cached content is requested through the WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the affected device. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed.<br /> <br /> Cisco has released software updates that address this vulnerability. 
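The two WSA parsing advisories above share a root cause: a buffer or cache object is sized from numbers the client supplied (the header and payload length in the first, the byte ranges in the second) before those numbers are checked. The added Python example below is not Cisco or AsyncOS code; it shows the validation a proxy should do before any allocation. The caps `MAX_HEAD`, `MAX_HEADERS`, `MAX_BODY` and `MAX_RANGES` are assumed values, and the sample requests are constructed.

```python
"""Bounded HTTP request-head validation: reject bad Content-Length and abusive
Range headers before sizing anything from them.  Added example, not
Cisco/AsyncOS code; all limits below are assumptions for illustration."""
import re

MAX_HEAD = 8 * 1024          # assumption: largest request head we will buffer
MAX_HEADERS = 100            # assumption: header-line count cap
MAX_BODY = 64 * 1024 * 1024  # assumption: largest body we will allocate for
MAX_RANGES = 8               # assumption: byte ranges accepted in one request

_RANGE_SPEC = re.compile(rb"^(\d*)-(\d*)$")


class BadRequest(ValueError):
    """Raised before any allocation is sized from attacker-controlled numbers."""


def parse_head(raw: bytes) -> dict:
    """Split a request head into lower-cased headers; enforce size and count caps
    before touching any header values."""
    end = raw.find(b"\r\n\r\n")
    if end < 0 or end + 4 > MAX_HEAD:
        raise BadRequest("request head missing terminator or over MAX_HEAD")
    lines = raw[:end].split(b"\r\n")
    if len(lines) - 1 > MAX_HEADERS:
        raise BadRequest("too many header lines")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if not sep or not name.strip():
            raise BadRequest("malformed header line")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def content_length(headers: dict) -> int:
    """Size the body buffer only from a single, numeric, bounded Content-Length."""
    values = headers.get(b"content-length", [])
    if not values:
        return 0
    if len(set(values)) != 1:
        raise BadRequest("conflicting Content-Length values")
    if not values[0].isdigit():          # rejects "", "-1", "0x10", "12 "
        raise BadRequest("non-numeric Content-Length")
    length = int(values[0])
    if length > MAX_BODY:
        raise BadRequest("Content-Length exceeds MAX_BODY")
    return length


def byte_ranges(headers: dict, resource_size: int) -> list:
    """Cap how many cached-object ranges one request may ask for, and normalise
    each spec to a concrete, satisfiable (first, last) pair."""
    values = headers.get(b"range", [])
    if not values:
        return []
    if len(values) != 1 or not values[0].startswith(b"bytes="):
        raise BadRequest("unsupported or repeated Range header")
    specs = values[0][len(b"bytes="):].split(b",")
    if len(specs) > MAX_RANGES:
        raise BadRequest("too many byte ranges in one request")
    ranges = []
    for spec in specs:
        m = _RANGE_SPEC.match(spec.strip())
        if not m or not (m.group(1) or m.group(2)):
            raise BadRequest("malformed byte-range spec")
        first, last = m.group(1), m.group(2)
        if not first:                         # suffix form "-N": the last N bytes
            first_i = max(resource_size - int(last), 0)
            last_i = resource_size - 1
        else:
            first_i = int(first)
            last_i = min(int(last), resource_size - 1) if last else resource_size - 1
        if first_i > last_i:
            raise BadRequest("unsatisfiable byte range")
        ranges.append((first_i, last_i))
    return ranges


def check_request(raw: bytes, resource_size: int) -> tuple:
    """("ok", body_length, ranges) or ("reject", reason, None) for a raw request."""
    try:
        h = parse_head(raw)
        return ("ok", content_length(h), byte_ranges(h, resource_size))
    except BadRequest as e:
        return ("reject", str(e), None)
```

Rejecting at `check_request` time keeps the decision cheap: nothing has been allocated for the body or for cache slices yet, so an attacker opening many connections pays the cost, not the proxy.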
A workaround that addresses this vulnerability is also available.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1381 <br/>Published: Wed, 18 May 2016 16:00:00 PDT<br /> <br /> <strong>Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability</strong><br /> <br /> A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.<br /> <br /> The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. 
This vulnerability can be triggered by IPv4 and IPv6 traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. 
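The note above narrows the IKE issue to routed-mode systems that have IKEv1 or IKEv2 enabled on an interface. The added Python check below (not Cisco tooling) reads a saved `show running-config` and reports whether those two preconditions hold. `crypto ikev1 enable`, `crypto ikev2 enable` and `firewall transparent` are standard ASA command forms; the configuration excerpt, hostname and interface names are constructed for the example. Whether the running release is a fixed one is a separate check against the advisory's software table, which this script does not attempt.

```python
"""Exposure check for the IKE buffer-overflow advisory above: routed firewall
mode plus IKEv1/IKEv2 enabled on at least one interface.  Added example, not
Cisco tooling; the configuration text is constructed for illustration."""
import re

# Constructed ASA running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
ASA Version 9.1(5)
!
hostname edge-fw-1
interface GigabitEthernet0/0
 nameif outside
 security-level 0
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
!
crypto ikev2 policy 10
 encryption aes-256
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 10
 authentication pre-share
"""

_IKE_ENABLE = re.compile(r"^crypto (ikev1|ikev2) enable (\S+)", re.MULTILINE)


def firewall_mode(config: str) -> str:
    """ASA defaults to routed mode; transparent mode is explicit in the config."""
    if re.search(r"^firewall transparent\s*$", config, re.MULTILINE):
        return "transparent"
    return "routed"


def ike_enabled_interfaces(config: str) -> dict:
    """Map each IKE version to the interfaces on which it is enabled."""
    found = {"ikev1": [], "ikev2": []}
    for version, nameif in _IKE_ENABLE.findall(config):
        found[version].append(nameif)
    return found


def ike_exposure(config: str) -> dict:
    """Summarise whether the advisory's preconditions hold for this config.
    'exposed' means the box listens for IKE on some interface in routed mode;
    the software version still has to be compared with the advisory's fixed
    releases, which this check does not know."""
    mode = firewall_mode(config)
    ike = ike_enabled_interfaces(config)
    listening = sorted(set(ike["ikev1"]) | set(ike["ikev2"]))
    return {
        "firewall_mode": mode,
        "ike_interfaces": listening,
        "exposed": mode == "routed" and bool(listening),
    }
```

In multiple context mode, run the check against each context's configuration rather than only the system context, since the advisory covers both single and multiple context deployments.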
This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1287 <br/>Published: Wed, 18 May 2016 13:50:25 PDT<br /> <br /> <strong>Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016</strong><br /> <br /> On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities.<br /> <br /> This advisory will be updated as additional information becomes available. 
<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176 <br/>Published: Tue, 17 May 2016 16:29:15 PDT<br /> <br /> <strong>Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability</strong><br /> <br /> A vulnerability in the IPsec code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to an error in the implementation of ICMP error handling for IPsec packets. An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel. A successful exploit could allow the attacker to deplete available memory and cause system instability or cause the system to stop forwarding traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
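The advisory above describes the symptom as depletion of a memory block pool, which on an ASA is visible in `show blocks` as the per-size-class `LOW` and `CNT` columns falling toward zero. The added Python example below (not Cisco tooling) parses that output and flags pools that have been exhausted since the last `clear blocks` or are close to it now. The sample output is constructed to match the command's layout and is not from a real device; the two thresholds are assumptions.

```python
"""Watch ASA memory-block pools for depletion, the symptom named in the advisory
above.  Added example, not Cisco tooling; the `show blocks` text is constructed
to look like the real command output but is not from a real device."""

SAMPLE_SHOW_BLOCKS = """\
  SIZE    MAX    LOW    CNT
     0    400    396    400
     4    100     99     99
    80    400    398    400
   256   1500   1366   1500
  1550   4908      0      3
  2048   1000    983    998
  2560    164    164    164
  4096    100    100    100
  8192    100    100    100
 16384    102    102    102
 65536     16     16     16
"""

LOW_WATERMARK_FLOOR = 0.05   # assumption: flag if the pool ever fell below 5% free
CURRENT_FREE_FLOOR = 0.20    # assumption: flag if under 20% free right now


def parse_show_blocks(text: str) -> list:
    """Turn `show blocks` rows into dicts with size/max/low/cnt as integers."""
    pools = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not all(p.isdigit() for p in parts):
            continue   # header, prompt, or blank line
        size, mx, low, cnt = map(int, parts)
        pools.append({"size": size, "max": mx, "low": low, "cnt": cnt})
    return pools


def depleted_pools(text: str) -> list:
    """Return (size, reason) pairs for pools that were exhausted since the last
    `clear blocks` (LOW near zero) or are nearly exhausted now (CNT low)."""
    findings = []
    for pool in parse_show_blocks(text):
        if pool["max"] == 0:
            continue
        low_frac = pool["low"] / pool["max"]
        cnt_frac = pool["cnt"] / pool["max"]
        if low_frac < LOW_WATERMARK_FLOOR:
            findings.append((pool["size"],
                             "low watermark %d of %d" % (pool["low"], pool["max"])))
        elif cnt_frac < CURRENT_FREE_FLOOR:
            findings.append((pool["size"],
                             "only %d of %d free now" % (pool["cnt"], pool["max"])))
    return findings
```

In the constructed sample the 1550-byte pool, which holds packet buffers, is the one that bottomed out. Polling this over SSH at a short interval and alerting on a new finding gives an early signal well before forwarding stops; `clear blocks` resets the `LOW` column so the next poll measures the new interval.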
<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1379 <br/>Published: Tue, 17 May 2016 14:00:00 PDT<br /> <br /> <strong>Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability</strong><br /> <br /> A vulnerability in the XML parser code of Cisco Adaptive Security Appliance Software could allow an authenticated, remote attacker to cause system instability or a reload of the affected system.<br /> <br /> The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could exploit this vulnerability in multiple ways by using a malicious file. An attacker with administrative privileges could exploit it by uploading a malicious XML file to the system and triggering the XML code to parse that file. Additionally, an attacker with Clientless SSL VPN access could exploit this vulnerability by sending a crafted XML file. 
An exploit would allow the attacker to crash the XML parser process, which could cause system instability, memory exhaustion, and in some cases lead to a reload of the affected system.<br /> <br /> Cisco has released software updates that address this vulnerability. 
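The advisory above attributes the crash to "insufficient hardening of the XML parser configuration" without naming the construct involved. The added Python example below is not Cisco or ASA code; it shows the configuration an XML parser fed untrusted input should have, using the expat bindings in the standard library: refuse DTDs, entity declarations and external entity references before any expansion can happen, and cap input size. The benign document and the entity-expansion ("billion laughs") document are constructed, and `MAX_XML_BYTES` is an assumed limit.

```python
"""XML parser hardening of the kind the advisory above calls 'insufficient':
refuse DTDs, entity declarations and external references, and bound input size,
before the parser can be driven into memory exhaustion.  Added example, not
Cisco/ASA code; the payloads are constructed."""
import xml.parsers.expat as expat

MAX_XML_BYTES = 1 * 1024 * 1024   # assumption: largest document we will accept


class RejectedXML(ValueError):
    """Raised for any document that uses features an untrusted input never needs."""


def _refuse(what):
    """Build an expat handler that aborts the parse with a clear reason."""
    def handler(*_args):
        raise RejectedXML(what)
    return handler


def parse_untrusted_xml(data: bytes) -> dict:
    """Parse with expat configured to abort on DTD, entity and external-entity
    constructs; return element counts so callers can see the document was
    walked without unbounded expansion."""
    if len(data) > MAX_XML_BYTES:
        raise RejectedXML("document exceeds MAX_XML_BYTES")
    parser = expat.ParserCreate()
    # Each handler fires at the declaration, before any expansion, so an
    # entity-expansion or external-entity document is rejected up front.
    parser.StartDoctypeDeclHandler = _refuse("DOCTYPE not allowed")
    parser.EntityDeclHandler = _refuse("entity declaration not allowed")
    parser.ExternalEntityRefHandler = _refuse("external entity not allowed")
    # Never let expat fetch or parse parameter entities (external DTD subsets).
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    counts = {}

    def start(name, _attrs):
        counts[name] = counts.get(name, 0) + 1

    parser.StartElementHandler = start
    try:
        parser.Parse(data, True)
    except expat.ExpatError as e:
        raise RejectedXML("malformed XML: %s" % e) from e
    return counts


def classify(data: bytes) -> str:
    """'ok' if accepted, otherwise the rejection reason; handy for tests and logs."""
    try:
        parse_untrusted_xml(data)
        return "ok"
    except RejectedXML as e:
        return str(e)


# Constructed inputs: a benign document and an entity-expansion document.
BENIGN = b"<config><user name='a'/><user name='b'/></config>"
LAUGHS = (b"<?xml version='1.0'?><!DOCTYPE lolz [<!ENTITY lol 'lol'>"
          b"<!ENTITY lol2 '&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;'>]>"
          b"<lolz>&lol2;</lolz>")
```

The rejection happens at the `<!DOCTYPE` token, so the expansion work never starts; that is the property to look for when reviewing how an appliance's XML entry points (configuration import, portal uploads) are wired to their parser.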
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1385 <br/>Published: Tue, 17 May 2016 00:00:00 PDT<br /> <br /> <strong>Cisco Identity Services Engine Active Directory Integration Component Remote Denial of Service Vulnerability</strong><br /> <br /> A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper handling of Password Authentication Protocol (PAP) authentication requests when ISE is configured with an authorization policy based on Active Directory group membership. An attacker could exploit this vulnerability by crafting a special but formally correct PAP authentication request that triggers the issue. 
An exploit could allow the attacker to cause the failure of all subsequent authentication requests for the same Active Directory domain.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ise</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1402 <br/>Published: Tue, 17 May 2016 00:00:00 PDT<br /> <br /> <strong>Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability</strong><br /> <br /> A vulnerability in the Session Initiation Protocol (SIP) implementation of the Cisco Video Communications Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper handling of a malformed SIP header. An attacker could exploit this vulnerability by manipulating the SIP URI. An exploit could allow the attacker to cause a disruption of service to the application.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1400 <br/>Published: Mon, 16 May 2016 00:00:00 PDT<br /> <br /> <strong>Cisco Industrial Ethernet 4000 and Ethernet 5000 Series Switches ICMP IPv4 Packet Corruption Vulnerability</strong><br /> <br /> A vulnerability in the packet processing microcode of Cisco Industrial Ethernet 4000 Series Switches and Cisco Industrial Ethernet 5000 Series Switches could allow an unauthenticated, remote attacker to corrupt packets enqueued on the device for further processing.<br /> <br /> The vulnerability is due to improper processing of some ICMP IPv4 packets. An attacker could exploit this vulnerability by sending ICMP IPv4 packets to an affected device. A successful exploit could allow an attacker to corrupt the packet enqueued immediately after the packet sent. This may impact control traffic to the device itself (Address Resolution Protocol (ARP) traffic) or traffic transiting the device.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160513-ies">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160513-ies</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1399 <br/>Published: Fri, 13 May 2016 16:30:00 PDT<br /> <br /> <strong>Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016</strong><br /> <br /> Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.<br /> <br /> On April 26, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details 11 issues regarding DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may allow an attacker to shift a system's time. 
Two of the vulnerabilities disclosed in the NTP security notice address issues that were previously disclosed without a complete fix.<br /> <br /> The new vulnerabilities disclosed in this document are as follows:<br /> <ul> <li>CVE-2016-1547: Network Time Protocol CRYPTO-NAK Denial of Service Vulnerability</li> <li>CVE-2016-1548: Network Time Protocol Interleave-Pivot Denial of Service Vulnerability</li> <li>CVE-2016-1549: Network Time Protocol Sybil Ephemeral Association Attack Vulnerability</li> <li>CVE-2016-1550: Network Time Protocol Improve NTP Security Against Buffer Comparison Timing Attacks</li> <li>CVE-2016-1551: Network Time Protocol Refclock Impersonation Vulnerability</li> <li>CVE-2016-2516: Network Time Protocol Duplicate IPs on Unconfig Directives Will Cause an Assertion Botch in ntpd</li> <li>CVE-2016-2517: Network Time Protocol Remote Configuration Trustedkey/Requestkey/Controlkey Values Are Not Properly Validated</li> <li>CVE-2016-2518: Network Time Protocol Crafted addpeer Causes Array Wraparound with MATCH_ASSOC</li> <li>CVE-2016-2519: Network Time Protocol Remote ctl_getitem() Return Value Not Always Checked</li> </ul> The two vulnerabilities that were previously disclosed without a complete fix are as follows:<br /> <ul> <li>CVE-2015-8138:&nbsp;Network Time Protocol Zero Origin Timestamp Bypass</li> <li>CVE-2015-7704:&nbsp;Network Time Protocol Packet Processing Denial of Service Vulnerability</li> </ul> Those vulnerabilities were disclosed by Cisco in the following Cisco Security Advisories:<br /> <ul> <li> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp">Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015</a></li> <li> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd">Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016</a></li> </ul> Additional details about each 
vulnerability are in the <a href="http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security">NTP Consortium Security Notice</a>.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.<br /> <br /> This advisory is available at the following link: <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd</a><br /> <br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016" border='0' height='0' width='0'></img>Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.<br /> <br /> On April 26, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details 11 issues regarding DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may allow an attacker to shift a system's time. 
Two of the vulnerabilities disclosed in the NTP security notice address issues that were previously disclosed without a complete fix.<br /> <br /> The new vulnerabilities disclosed in this document are as follows:<br /> <ul> <li>CVE-2016-1547: Network Time Protocol CRYPTO-NAK Denial of Service Vulnerability</li> <li>CVE-2016-1548: Network Time Protocol Interleave-Pivot Denial of Service Vulnerability</li> <li>CVE-2016-1549: Network Time Protocol Sybil Ephemeral Association Attack Vulnerability</li> <li>CVE-2016-1550: Network Time Protocol Improve NTP Security Against Buffer Comparison Timing Attacks</li> <li>CVE-2016-1551: Network Time Protocol Refclock Impersonation Vulnerability</li> <li>CVE-2016-2516: Network Time Protocol Duplicate IPs on Unconfig Directives Will Cause an Assertion Botch in ntpd</li> <li>CVE-2016-2517: Network Time Protocol Remote Configuration Trustedkey/Requestkey/Controlkey Values Are Not Properly Validated</li> <li>CVE-2016-2518: Network Time Protocol Crafted addpeer Causes Array Wraparound with MATCH_ASSOC</li> <li>CVE-2016-2519: Network Time Protocol Remote ctl_getitem() Return Value Not Always Checked</li> </ul> The two vulnerabilities that were previously disclosed without a complete fix are as follows:<br /> <ul> <li>CVE-2015-8138:&nbsp;Network Time Protocol Zero Origin Timestamp Bypass</li> <li>CVE-2015-7704:&nbsp;Network Time Protocol Packet Processing Denial of Service Vulnerability</li> </ul> Those vulnerabilities were disclosed by Cisco in the following Cisco Security Advisories:<br /> <ul> <li> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp">Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015</a></li> <li> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd">Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016</a></li> </ul> Additional details about each 
vulnerability are in the <a href="http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security">NTP Consortium Security Notice</a>.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.<br /> <br /> This advisory is available at the following link: <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd</a><br /> <br /> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-7704,CVE-2015-8138,CVE-2016-1547,CVE-2016-1548,CVE-2016-1549,CVE-2016-1550,CVE-2016-1551,CVE-2016-2516,CVE-2016-2517,CVE-2016-2518,CVE-2016-2519 Fri, 13 May 2016 15:48:40 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd Multiple Cisco Products libSRTP Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Cisco%20Products%20libSRTP%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Cisco Products libSRTP Denial of Service Vulnerability" border='0' height='0' width='0'></img>Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol (SRTP) library (libSRTP), which addresses a denial of service (DoS) vulnerability. Multiple Cisco products incorporate a vulnerable version of the libSRTP library.<br /> <br /> The vulnerability is in the encryption processing subsystem of libSRTP and could allow an unauthenticated, remote attacker to trigger a DoS condition. 
The vulnerability is due to improper input validation of certain fields of SRTP packets. An attacker could exploit this vulnerability by sending a crafted SRTP packet designed to trigger the issue to an affected device.<br /> <br /> The impact of this vulnerability on Cisco products may vary depending on the affected product. Details about the impact on each product are outlined in the "Conditions" section of each Cisco bug for this vulnerability. The bug IDs are listed at the top of this advisory and in the table in "Vulnerable Products."<br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Cisco Products libSRTP Denial of Service Vulnerability" border='0' height='0' width='0'></img>Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol (SRTP) library (libSRTP), which addresses a denial of service (DoS) vulnerability. Multiple Cisco products incorporate a vulnerable version of the libSRTP library.<br /> <br /> The vulnerability is in the encryption processing subsystem of libSRTP and could allow an unauthenticated, remote attacker to trigger a DoS condition. The vulnerability is due to improper input validation of certain fields of SRTP packets. An attacker could exploit this vulnerability by sending a crafted SRTP packet designed to trigger the issue to an affected device.<br /> <br /> The impact of this vulnerability on Cisco products may vary depending on the affected product. Details about the impact on each product are outlined in the "Conditions" section of each Cisco bug for this vulnerability. 
The bug IDs are listed at the top of this advisory and in the table in "Vulnerable Products."<br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-6360 Tue, 10 May 2016 17:14:03 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160510-cnap?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Cloud%20Network%20Automation%20Provisioner%20SQL%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Cloud Network Automation Provisioner (CNAP) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries.<br /> <br /> The vulnerability is due to a failure to validate user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that include SQL statements to a targeted system. A successful exploit could allow the attacker to modify or delete entries in some database tables, affecting the integrity of some functions.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160510-cnap">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160510-cnap</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Cloud Network Automation Provisioner (CNAP) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries.<br /> <br /> The vulnerability is due to a failure to validate user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that include SQL statements to a targeted system. A successful exploit could allow the attacker to modify or delete entries in some database tables, affecting the integrity of some functions.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160510-cnap">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160510-cnap</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1393 Tue, 10 May 2016 09:30:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160510-cnap Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20and%20Cisco%20Unified%20Communications%20Manager%20Software%20Session%20Initiation%20Protocol%20Memory%20Leak%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) gateway implementation in Cisco IOS, IOS XE, and Cisco Unified Communications Manager Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of an affected device.<br /> <br /> The vulnerability is due to improper processing of malformed SIP messages. An attacker could exploit this vulnerability by sending malformed SIP messages to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability other than disabling SIP on the vulnerable device.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tvce.cisco.com/security/AIMS/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip</a><br /> <br /> This advisory is part of the March 23, 2016, release of the Cisco&nbsp;IOS and IOS&nbsp;XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see <a href="http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html">Cisco Event Response: Semiannual Cisco&nbsp;IOS and IOS&nbsp;XE Software Security Advisory Bundled Publication</a>.<br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) gateway implementation in Cisco IOS, IOS XE, and Cisco Unified Communications Manager Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of an affected device.<br /> <br /> The vulnerability is due to improper processing of malformed SIP messages. An attacker could exploit this vulnerability by sending malformed SIP messages to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability other than disabling SIP on the vulnerable device.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tvce.cisco.com/security/AIMS/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip</a><br /> <br /> This advisory is part of the March 23, 2016, release of the Cisco&nbsp;IOS and IOS&nbsp;XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see <a href="http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html">Cisco Event Response: Semiannual Cisco&nbsp;IOS and IOS&nbsp;XE Software Security Advisory Bundled Publication</a>.<br /> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1350 Mon, 09 May 2016 12:46:51 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip Cisco Finesse HTTP Request Processing Server-Side Request Forgery Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-finesse?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Finesse%20HTTP%20Request%20Processing%20Server-Side%20Request%20Forgery%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Finesse HTTP Request Processing Server-Side Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Finesse could allow an unauthenticated, remote attacker to trigger the Finesse server to perform an HTTP request to an arbitrary host. 
This type of attack is commonly referred to as server-side request forgery (SSRF).<br /> <br /> The vulnerability is due to insufficient access controls for the Finesse application programming interface (API) for gadgets integration. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the Finesse server.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-finesse">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-finesse</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Finesse HTTP Request Processing Server-Side Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Finesse could allow an unauthenticated, remote attacker to trigger the Finesse server to perform an HTTP request to an arbitrary host. This type of attack is commonly referred to as server-side request forgery (SSRF).<br /> <br /> The vulnerability is due to insufficient access controls for the Finesse application programming interface (API) for gadgets integration. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the Finesse server.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-finesse">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-finesse</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1373 Wed, 04 May 2016 19:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-finesse Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20FirePOWER%20System%20Software%20Packet%20Processing%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the packet processing functions of Cisco&nbsp;FirePOWER System Software could allow an unauthenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper packet handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the packet processing functions of Cisco&nbsp;FirePOWER System Software could allow an unauthenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper packet handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1368 Wed, 04 May 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20XML%20Application%20Programming%20Interface%20Authentication%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the XML application programming interface&nbsp;(API) of Cisco&nbsp;TelePresence Codec&nbsp;(TC) and Collaboration Endpoint&nbsp;(CE) Software could allow an unauthenticated, remote attacker to bypass authentication and access a targeted system through the API.<br /> <br /> The vulnerability is due to improper implementation of authentication mechanisms for the XML API of the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the XML API. A successful exploit could allow the attacker to perform unauthorized configuration changes or issue control commands to the affected system by using the API.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There is a workaround that addresses this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the XML application programming interface&nbsp;(API) of Cisco&nbsp;TelePresence Codec&nbsp;(TC) and Collaboration Endpoint&nbsp;(CE) Software could allow an unauthenticated, remote attacker to bypass authentication and access a targeted system through the API.<br /> <br /> The vulnerability is due to improper implementation of authentication mechanisms for the XML API of the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the XML API. A successful exploit could allow the attacker to perform unauthorized configuration changes or issue control commands to the affected system by using the API.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There is a workaround that addresses this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1387 Wed, 04 May 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20with%20FirePOWER%20Services%20Kernel%20Logging%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the kernel logging configuration for Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources.&nbsp;<br /> <br /> The vulnerability is due to the logging of certain IP packets. An attacker could exploit this vulnerability by sending a flood of specially crafted IP packets to the affected device. An exploit could allow the attacker to cause the Cisco FirePOWER module to cease inspecting traffic or go offline.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the kernel logging configuration for Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources.&nbsp;<br /> <br /> The vulnerability is due to the logging of certain IP packets. An attacker could exploit this vulnerability by sending a flood of specially crafted IP packets to the affected device. An exploit could allow the attacker to cause the Cisco FirePOWER module to cease inspecting traffic or go offline.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1369 Wed, 04 May 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern Cisco Prime Collaboration Assurance Open Redirect Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160503-pca?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Assurance%20Open%20Redirect%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Assurance Open Redirect Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Collaboration Assurance Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.<br /> <br /> The vulnerability is due to improper input validation of HTTP request parameters by the affected software. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the web interface of the affected software, which could cause the web interface to redirect the request to a malicious web page at a specified URL. This vulnerability is referred to as an <em>open redirect attack</em> and is used in phishing attacks that get users to unknowingly visit malicious sites.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are now workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160503-pca">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160503-pca</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Assurance Open Redirect Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Collaboration Assurance Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.<br /> <br /> The vulnerability is due to improper input validation of HTTP request parameters by the affected software. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the web interface of the affected software, which could cause the web interface to redirect the request to a malicious web page at a specified URL. This vulnerability is referred to as an <em>open redirect attack</em> and is used in phishing attacks that get users to unknowingly visit malicious sites.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are now workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160503-pca">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160503-pca</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1392 Tue, 03 May 2016 12:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160503-pca Cisco Information Server XML Parser Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cis?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Information%20Server%20XML%20Parser%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Information Server XML Parser Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the default configuration of the XML parser component of Cisco&nbsp;Information Server&nbsp;(CIS) could allow an unauthenticated, remote attacker to access sensitive data or cause excessive consumption of system resources, which could cause a denial of service&nbsp;(DoS) condition on a targeted system.<br /> <br /> The vulnerability is due to improper handling of XML External Entities&nbsp;(XXE) by the affected software when the software parses XML files. An attacker could exploit this vulnerability by submitting a crafted XML header to the CIS web framework of an affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cis">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cis</a>
<br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1343 <br/>Published: Thu, 28 Apr 2016 15:00:00 PDT
<br /> <br /> Cisco Application Policy Infrastructure Controller Enterprise Module Unauthorized Access Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-apic<br /> <br /> A vulnerability in the application programming interface (API) of Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to create false system notifications for administrators.<br /> <br /> The vulnerability is due to insufficient protection of API functions. An attacker could exploit this vulnerability by sending modified <em>attribute-value</em> pairs back to the affected system. An exploit could allow the attacker to trick an administrative user into performing a malicious task on behalf of the attacker.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-apic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-apic</a>
<br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1386 <br/>Published: Thu, 28 Apr 2016 00:00:00 PDT
<br /> <br /> Cisco WebEx Meetings Server Open Redirect Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cwms<br /> <br /> A vulnerability in the Cisco WebEx Meetings Server (CWMS) web interface could allow an unauthenticated, remote attacker to redirect a user to an undesired web page.<br /> <br /> The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by crafting an HTTP request that could cause the web application to redirect the request to a specified malicious URL. This vulnerability is known as an "Open Redirect Attack" and is used in phishing attacks to get users to visit malicious sites without their knowledge.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cwms">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cwms</a>
<br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1389 <br/>Published: Thu, 28 Apr 2016 00:00:00 PDT
<br /> <br /> Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-asa-dhcpv6<br /> <br /> A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to reload.<br /> <br /> The vulnerability is due to insufficient validation of DHCPv6 packets. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device, resulting in a denial of service (DoS) condition.<br /> <br /> This vulnerability affects systems configured in routed firewall mode and in single or multiple context mode. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. The vulnerability is triggered only by IPv6 traffic.<br /> <br /> This vulnerability affects Cisco ASA Software release 9.4.1 only.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-asa-dhcpv6">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-asa-dhcpv6</a>
<br/>Security Impact Rating: High <br/>CVE: CVE-2016-1367 <br/>Published: Wed, 20 Apr 2016 16:00:00 PDT
<br /> <br /> Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc<br /> <br /> A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to the presence of unsupported URLs in the web-based device management interface provided by the affected software. An attacker could exploit this vulnerability by attempting to access a URL that is not generally accessible from and supported by the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.<br /> <br /> Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc</a>
<br/>Security Impact Rating: High <br/>CVE: CVE-2016-1362 <br/>Published: Wed, 20 Apr 2016 16:00:00 PDT
<br /> <br /> Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd<br /> <br /> A vulnerability in the HTTP URL redirect feature of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper handling of HTTP traffic by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could allow the attacker to cause the device to reload, resulting in a DoS condition, or execute arbitrary code on the device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd</a>
<br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1363 <br/>Published: Wed, 20 Apr 2016 16:00:00 PDT
<br /> <br /> Cisco Wireless LAN Controller Denial of Service Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos<br /> <br /> A vulnerability in the Bonjour task manager of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> <br /> The vulnerability is due to improper handling of Bonjour traffic by the affected software. An attacker could exploit this vulnerability by sending crafted Bonjour traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos</a>
<br/>Security Impact Rating: High <br/>CVE: CVE-2016-1364 <br/>Published: Wed, 20 Apr 2016 16:00:00 PDT
<br /> <br /> Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers Interface Flap Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr<br /> <br /> A vulnerability in packet processing functions of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause cyclic redundancy check (CRC) and symbol errors on the receiving interface of an affected device, which may lead to an interface flap.<br /> <br /> The vulnerability is due to improper processing of packets that contain certain crafted bit patterns. An attacker could exploit this vulnerability by sending crafted packets to be processed by a line card of an affected device. A successful exploit could allow the attacker to cause CRC and symbol errors on the receiving interface of the device, which may lead to an interface flap.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr</a>
<br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1376 <br/>Published: Wed, 20 Apr 2016 15:13:59 PDT
<br /> <br /> Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios<br /> <br /> A vulnerability in the <em>ntp</em> subsystem of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to mobilize <em>ntp</em> associations.<br /> <br /> The vulnerability is due to missing authorization checks on certain <em>ntp</em> packets. An attacker could exploit this vulnerability by sending malicious packets to the <em>ntp</em> daemon. An exploit could allow the attacker to control the time of the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios</a>
<br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1384 <br/>Published: Tue, 19 Apr 2016 00:00:00 PDT
<br /> <br /> Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-privauth<br /> <br /> A vulnerability in the web application programming interface (API) of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to gain elevated privileges.<br /> <br /> The vulnerability is due to improper role-based access control (RBAC) when an unexpected HTTP URL request is received that does not match an expected pattern filter. An attacker could exploit this vulnerability by sending a crafted HTTP request with a modified URL to bypass RBAC settings. An exploit could allow the attacker to gain elevated privileges for the application and gain unauthorized access to data.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-privauth">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-privauth</a>
<br/>Security Impact Rating: High <br/>CVE: CVE-2016-1290 <br/>Published: Fri, 15 Apr 2016 20:14:59 PDT
<br /> <br /> Cisco Unified Computing System Platform Emulator Command Injection Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe1<br /> <br /> A vulnerability in the Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to perform a command injection attack.<br /> <br /> The vulnerability occurs because the affected system improperly handles <em>ucspe-copy</em> command-line arguments. An attacker could exploit this vulnerability by using crafted command arguments on the system. An exploit could allow the attacker to perform a command injection attack, which could allow the attacker to execute arbitrary commands on the system.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe1</a>
<br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1339 <br/>Published: Thu, 14 Apr 2016 16:00:00 PDT
<br /> <br /> Cisco Unified Computing System Platform Emulator Filename Argument Handling Buffer Overflow Vulnerability<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2<br /> <br /> A vulnerability in Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to trigger a heap-based buffer overflow on a targeted system.<br /> <br /> The vulnerability occurs because the affected system improperly handles <em>libclimeta.so</em> filename arguments. An attacker could exploit this vulnerability by sending crafted filename arguments to the system. An exploit could allow the attacker to execute code on the system or cause a denial of service (DoS) condition.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Platform Emulator Filename Argument Handling Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to trigger a heap-based buffer overflow on a targeted system.<br /> <br /> The vulnerability occurs because the affected system improperly handles <em>libclimeta.so</em> filename arguments. An attacker could exploit this vulnerability by sending crafted filename arguments to the system. An exploit could allow the attacker to execute code on the system or cause a denial of service (DoS) condition.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1340 Thu, 14 Apr 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2 Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Catalyst%20Switches%20Network%20Mobility%20Services%20Protocol%20Port%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vulnerability" border='0' height='0' width='0'></img>Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 may allow an unauthenticated, remote attacker to retrieve version information about the software release running on the device by accessing the Network Mobility Services Protocol (NMSP) port.<br /> <br /> The vulnerability is due to a failure to properly secure NMSP with authentication, which has been made standard in Cisco IOS Software releases 15.2(2)E1 and later. An attacker could exploit earlier software releases to map the network and gather information for further attacks.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vulnerability" border='0' height='0' width='0'></img>Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 may allow an unauthenticated, remote attacker to retrieve version information about the software release running on the device by accessing the Network Mobility Services Protocol (NMSP) port.<br /> <br /> The vulnerability is due to a failure to properly secure NMSP with authentication, which has been made standard in Cisco IOS Software releases 15.2(2)E1 and later. An attacker could exploit earlier software releases to map the network and gather information for further attacks.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1378 Wed, 13 Apr 2016 21:35:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Computing%20System%20Central%20Software%20Arbitrary%20Command%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system.<br /> <br /> The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system.<br /> <br /> The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system.<br /> <br /> Cisco has released software updates that address this vulnerability. 
There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1352 Wed, 13 Apr 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs Cisco Unity Connection Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unity%20Connection%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of certain parameters passed via HTTP GET or POST methods. An attacker who can convince a user to follow an attacker-supplied link could cause arbitrary script or HTML code to be executed on the user's browser in the context of the affected site.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.<br /> <br /> The vulnerability is due to insufficient input validation of certain parameters passed via HTTP GET or POST methods. An attacker who can convince a user to follow an attacker-supplied link could cause arbitrary script or HTML code to be executed on the user's browser in the context of the affected site.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1377 Tue, 12 Apr 2016 18:53:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity Cisco IP Interoperability and Collaboration System Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160407-cic?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IP%20Interoperability%20and%20Collaboration%20System%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP Interoperability and Collaboration System Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework code of Cisco IP Interoperability and Collaboration System could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient XSS protections. An attacker could exploit this vulnerability by persuading a user of an affected system to follow a malicious link.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160407-cic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160407-cic</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP Interoperability and Collaboration System Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework code of Cisco IP Interoperability and Collaboration System could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient XSS protections. An attacker could exploit this vulnerability by persuading a user of an affected system to follow a malicious link.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160407-cic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160407-cic</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1375 Thu, 07 Apr 2016 14:30:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160407-cic Vulnerability in GNU glibc Affecting Cisco Products: February 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Vulnerability%20in%20GNU%20glibc%20Affecting%20Cisco%20Products:%20February%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Vulnerability in GNU glibc Affecting Cisco Products: February 2016" border='0' height='0' width='0'></img>On February 16, 2016, an industry-wide, critical vulnerability in the GNU C library (<em>glibc</em>) was publicly disclosed.<br /> <br /> Multiple Cisco products incorporate a version of <em>glibc </em>that may be&nbsp;affected by the vulnerability. 
The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on an affected device.<br /> <br /> This advisory will be updated as additional information becomes available.<br /> <br /> Cisco will release software updates that address this vulnerability.<br /> <br /> Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Vulnerability in GNU glibc Affecting Cisco Products: February 2016" border='0' height='0' width='0'></img>On February 16, 2016, an industry-wide, critical vulnerability in the GNU C library (<em>glibc</em>) was publicly disclosed.<br /> <br /> Multiple Cisco products incorporate a version of <em>glibc </em>that may be&nbsp;affected by the vulnerability. 
The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on an affected device.<br /> <br /> This advisory will be updated as additional information becomes available.<br /> <br /> Cisco will release software updates that address this vulnerability.<br /> <br /> Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-7547 Wed, 06 Apr 2016 20:45:52 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc Cisco IOS XR Software SCP and SFTP Modules Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20SCP%20and%20SFTP%20Modules%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software SCP and SFTP Modules Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Secure Copy Protocol (SCP) and Secure FTP (SFTP) modules of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite system files and cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper setting of permissions on the filesystem&nbsp;for certain paths that include system files. 
An attacker could exploit this vulnerability by using either the SCP or SFTP client to overwrite system files on the affected device. An exploit could allow the attacker to overwrite system files and cause a DoS condition.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software SCP and SFTP Modules Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Secure Copy Protocol (SCP) and Secure FTP (SFTP) modules of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite system files and cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper setting of permissions on the filesystem&nbsp;for certain paths that include system files. An attacker could exploit this vulnerability by using either the SCP or SFTP client to overwrite system files on the affected device. An exploit could allow the attacker to overwrite system files and cause a DoS condition.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1366 Wed, 06 Apr 2016 18:56:23 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Server%20Crafted%20IPv6%20Packet%20Handling%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco TelePresence Server devices running software versions 3.0 through 4.2(4.18) could allow an unauthenticated, remote attacker to cause a kernel panic on the device.<br /> <br /> The vulnerability exists due to a failure to properly handle a specially crafted stream of IPv6 packets. A successful exploit could allow an attacker to cause a kernel panic, rebooting the device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco TelePresence Server devices running software versions 3.0 through 4.2(4.18) could allow an unauthenticated, remote attacker to cause a kernel panic on the device.<br /> <br /> The vulnerability exists due to a failure to properly handle a specially crafted stream of IPv6 packets. A successful exploit could allow an attacker to cause a kernel panic, rebooting the device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1346 Wed, 06 Apr 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Infrastructure%20and%20Evolved%20Programmable%20Network%20Manager%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending an HTTP POST with crafted deserialized user data. An exploit could allow the attacker to execute arbitrary code with <em>root</em>-level privileges on the affected system, which could be used to conduct further attacks.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds are not available.<br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode</a><br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending an HTTP POST with crafted deserialized user data. An exploit could allow the attacker to execute arbitrary code with <em>root</em>-level privileges on the affected system, which could be used to conduct further attacks.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds are not available.<br /> <br /> This advisory is available at the following link: <br /> <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode</a><br /> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1291 Wed, 06 Apr 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Server%20Malformed%20STUN%20Packet%20Processing%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco TelePresence Server devices running software version 3.1 could allow an unauthenticated, remote attacker to reload the device.<br /> <br /> The vulnerability exists due to a failure to properly process malformed Session Traversal Utilities for NAT (STUN) packets. An attacker could exploit this vulnerability by submitting malformed STUN packets to the device. If successful, the attacker could force the device to reload and drop all calls in the process.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco TelePresence Server devices running software version 3.1 could allow an unauthenticated, remote attacker to reload the device.<br /> <br /> The vulnerability exists due to a failure to properly process malformed Session Traversal Utilities for NAT (STUN) packets. An attacker could exploit this vulnerability by submitting malformed STUN packets to the device. If successful, the attacker could force the device to reload and drop all calls in the process.<br /> <br /> Cisco has released software updates that address this vulnerability. 
Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-6312 Wed, 06 Apr 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2 Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Server%20Crafted%20URL%20Handling%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco TelePresence Server devices running software versions 4.1(2.29) through 4.2(4.17) could allow an unauthenticated, remote attacker to cause the device to reload.<br /> &nbsp;<br /> The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by sending multiple URL requests to an affected device. The requests will eventually time out because negotiation from the client does not occur; however, each request consumes additional memory, resulting in memory exhaustion that causes the device to crash. If successful, the attacker could utilize all available memory resources, causing the device to reload.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. 
<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco TelePresence Server devices running software versions 4.1(2.29) through 4.2(4.17) could allow an unauthenticated, remote attacker to cause the device to reload.<br /> &nbsp;<br /> The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by sending multiple URL requests to an affected device. The requests will eventually time out because negotiation from the client does not occur; however, each request consumes additional memory, resulting in memory exhaustion that causes the device to crash. If successful, the attacker could utilize all available memory resources, causing the device to reload.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-6313 Wed, 06 Apr 2016 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1