Cisco Security Advisory https://tools.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml en-us 1992-2010 Cisco Systems, Inc. All rights reserved. Cisco Security Advisory Cisco Systems, Inc. 15 Cisco Advanced Malware Protection and Email Security Appliance Proxy Engine Security Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160211-esaamp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Advanced%20Malware%20Protection%20and%20Email%20Security%20Appliance%20Proxy%20Engine%20Security%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Advanced Malware Protection and Email Security Appliance Proxy Engine Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the proxy engine of the Cisco Advanced Malware Protection (AMP) and the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass security restrictions.<br /> &nbsp;<br /> The vulnerability is due to improper handling of malformed file methods. An attacker could exploit this vulnerability by encoding files within an email message. An exploit could allow the attacker to circumvent the AMP&rsquo;s or ESA&rsquo;s ability to prevent encoded files.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160211-esaamp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160211-esaamp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Advanced Malware Protection and Email Security Appliance Proxy Engine Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the proxy engine of the Cisco Advanced Malware Protection (AMP) and the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass security restrictions.<br /> &nbsp;<br /> The vulnerability is due to improper handling of malformed file methods. An attacker could exploit this vulnerability by encoding files within an email message. An exploit could allow the attacker to circumvent the AMP&rsquo;s or ESA&rsquo;s ability to prevent encoded files.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160211-esaamp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160211-esaamp</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1315 Thu, 11 Feb 2016 14:27:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160211-esaamp Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Spark%20Representational%20State%20Transfer%20Interface%20Unauthorized%20Access%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an unauthenticated, remote attacker to make changes to an affected system system.<br /> &nbsp;<br /> The vulnerability is due to improper implementation of authorization controls when accessing certain web pages of the application. An attacker could exploit this vulnerability by accessing the web pages and creating unauthorized user accounts.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an unauthenticated, remote attacker to make changes to an affected system system.<br /> &nbsp;<br /> The vulnerability is due to improper implementation of authorization controls when accessing certain web pages of the application. An attacker could exploit this vulnerability by accessing the web pages and creating unauthorized user accounts.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1322 Wed, 10 Feb 2016 22:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1 Cisco Spark Representational State Transfer Interface Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Spark%20Representational%20State%20Transfer%20Interface%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Spark Representational State Transfer Interface Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> &nbsp;<br /> The vulnerability is due to missing authorization checks on certain administrative pages. An attacker could exploit this vulnerability by using certain pages to deny service of specific resources.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Spark Representational State Transfer Interface Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> &nbsp;<br /> The vulnerability is due to missing authorization checks on certain administrative pages. An attacker could exploit this vulnerability by using certain pages to deny service of specific resources.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1324 Wed, 10 Feb 2016 22:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3 Cisco Spark Representational State Transfer Interface Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Spark%20Representational%20State%20Transfer%20Interface%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Spark Representational State Transfer Interface Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an authenticated, remote attacker to view sensitive information from the underlying operating system.<br /> &nbsp;<br /> The vulnerability is due to insufficient protections of sensitive data. An attacker could exploit this vulnerability by accessing a specific file and reading the sensitive information.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Spark Representational State Transfer Interface Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an authenticated, remote attacker to view sensitive information from the underlying operating system.<br /> &nbsp;<br /> The vulnerability is due to insufficient protections of sensitive data. An attacker could exploit this vulnerability by accessing a specific file and reading the sensitive information.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1323 Wed, 10 Feb 2016 22:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp2 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Software%20IKEv1%20and%20IKEv2%20Buffer%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. <br /> <br /> The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. <br /> <br /> The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2016-1287 Wed, 10 Feb 2016 16:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20(December%202015)%20Affecting%20Cisco%20Products&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products" border='0' height='0' width='0'></img>On December 3, 2015, the OpenSSL Project released a security advisory detailing five vulnerabilities.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.&nbsp;<br /> <br /> This advisory will be updated as additional information becomes available.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that mitigate these vulnerabilities are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products" border='0' height='0' width='0'></img>On December 3, 2015, the OpenSSL Project released a security advisory detailing five vulnerabilities.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.&nbsp;<br /> <br /> This advisory will be updated as additional information becomes available.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that mitigate these vulnerabilities are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-1794,CVE-2015-3193,CVE-2015-3194,CVE-2015-3195,CVE-2015-3196 Wed, 10 Feb 2016 13:16:30 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl Cisco Prime Collaboration Provisioning Local Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Provisioning%20Local%20Privilege%20Escalation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Local Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the command-line interface (CLI) of the Cisco Prime Collaboration server could allow an authenticated, local attacker to access the underlying Linux operating system with the privileges of the <em>root </em>user. <br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by bypassing policy restrictions and executing commands on the underlying operating system. The user needs to log in to the device with valid administrator-level credentials.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Local Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the command-line interface (CLI) of the Cisco Prime Collaboration server could allow an authenticated, local attacker to access the underlying Linux operating system with the privileges of the <em>root </em>user. <br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by bypassing policy restrictions and executing commands on the underlying operating system. The user needs to log in to the device with valid administrator-level credentials.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1320 Tue, 09 Feb 2016 22:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20(January%202016)%20Affecting%20Cisco%20Products&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products" border='0' height='0' width='0'></img>On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to&nbsp;conduct man-in-the-middle attacks on an SSL/TLS connection.<br /> <br /> This advisory will be updated as additional information becomes available.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that address these vulnerabilities are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products" border='0' height='0' width='0'></img>On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to&nbsp;conduct man-in-the-middle attacks on an SSL/TLS connection.<br /> <br /> This advisory will be updated as additional information becomes available.<br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that address these vulnerabilities are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-3197,CVE-2016-0701 Tue, 09 Feb 2016 14:19:52 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl Cisco Application Policy Infrastructure Controller Enterprise Module Web Framework Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-apic?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Enterprise%20Module%20Web%20Framework%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Enterprise Module Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient input validation of user-submitted content. An attacker could exploit this vulnerability by disguising embedded malicious HTML code in the affected web page and convincing the user to access a page that uses variables to express the malicious code.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-apic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-apic</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Enterprise Module Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient input validation of user-submitted content. An attacker could exploit this vulnerability by disguising embedded malicious HTML code in the affected web page and convincing the user to access a page that uses variables to express the malicious code.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-apic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-apic</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1318 Mon, 08 Feb 2016 21:18:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-apic Cisco Video Communications Server Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Video%20Communications%20Server%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Video Communications Server Information Disclosure Vulnerability" border='0' height='0' width='0'></img>Cisco Video Communications Server (VCS), when utilized as part of a Jabber Guest deployment, contains an information disclosure vulnerability that could allow and unauthenticated, remote attacker to gain access to potentially sensitive information.<br /> <br /> The vulnerability exists due to a failure to properly protect an informational URL that contains aggregated call statistics. An attacker that knows the URL could submit a request to retrieve the page containing the information.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Video Communications Server Information Disclosure Vulnerability" border='0' height='0' width='0'></img>Cisco Video Communications Server (VCS), when utilized as part of a Jabber Guest deployment, contains an information disclosure vulnerability that could allow and unauthenticated, remote attacker to gain access to potentially sensitive information.<br /> <br /> The vulnerability exists due to a failure to properly protect an informational URL that contains aggregated call statistics. An attacker that knows the URL could submit a request to retrieve the page containing the information.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1316 Mon, 08 Feb 2016 21:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs Cisco Unified Communications Manager Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201600208-ucm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Information Disclosure Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data.<br /> <br /> The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view entity and table names.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201600208-ucm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201600208-ucm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Information Disclosure Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data.<br /> <br /> The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view entity and table names.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201600208-ucm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201600208-ucm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1317 Mon, 08 Feb 2016 14:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201600208-ucm Cisco Unified Products Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Products%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Products Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the key management feature of multiple Cisco Unified products could allow an unauthenticated, local attacker to read sensitive data.<br /> <br /> The vulnerability is due to an encryption key that can be read in plain text. An attacker could exploit this vulnerability by determining the key and decrypting certain data sets. An exploit could allow the attacker to read and disclose sensitive data.<br /> <br /> Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Products Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the key management feature of multiple Cisco Unified products could allow an unauthenticated, local attacker to read sensitive data.<br /> <br /> The vulnerability is due to an encryption key that can be read in plain text. An attacker could exploit this vulnerability by determining the key and decrypting certain data sets. An exploit could allow the attacker to read and disclose sensitive data.<br /> <br /> Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1319 Mon, 08 Feb 2016 14:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm Cisco WebEx Meetings Server Multiple Cross-Site Scripting Vulnerabilities http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-wms?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20WebEx%20Meetings%20Server%20Multiple%20Cross-Site%20Scripting%20Vulnerabilities&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server Multiple Cross-Site Scripting Vulnerabilities" border='0' height='0' width='0'></img>A vulnerability in the web framework code of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. <br /> <br /> The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-wms">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-wms</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server Multiple Cross-Site Scripting Vulnerabilities" border='0' height='0' width='0'></img>A vulnerability in the web framework code of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. <br /> <br /> The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-wms">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-wms</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1309 Fri, 05 Feb 2016 14:42:07 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-wms Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20Network%20Time%20Protocol%20Daemon%20Affecting%20Cisco%20Products%20-%20January%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016" border='0' height='0' width='0'></img>Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.<br /> <br /> On January 19th, 2016, NTP Consortium at Network Time Foundation released a security advisory detailing 12 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to shift a clients time. The vulnerabilities covered in this document are as follows:<br /> <ul> <li>CVE-2015-7973: Network Time Protocol Replay Attack on Authenticated Broadcast Mode Vulnerability </li> <li>CVE-2015-7974: Network Time Protocol Missing Trusted Key Check</li> <li>CVE-2015-7975: Standard Network Time Protocol Query Program nextvar() Missing Length Check</li> <li>CVE-2015-7976: Standard Network Time Protocol Query Program saveconfig Command Allows Dangerous Characters in Filenames</li> <li>CVE-2015-7978: Network Time Protocol Daemon reslist NULL Pointer Deference Denial of Service Vulnerability</li> <li>CVE-2015-7977: Network Time Protocol Stack Exhaustion Denial of Service</li> <li>CVE-2015-7979: Network Time Protocol Off-Path Broadcast Mode Denial of Service </li> <li>CVE-2015-8138: Network Time Protocol Zero Origin Timestamp Bypass</li> <li>CVE-2015-8139: Network Time Protocol Information Disclosure of Origin Timestamp</li> <li>CVE-2015-8140: Standard Network Time Protocol Query Program Replay Attack</li> <li>CVE-2015-8158: Standard and Special Network Time Protocol Query Program Infinite loop</li> </ul> Additional details on each of the vulnerabilities can be found in the official security advisory from the NTP Consortium at Network Time Foundation at the following link: <a href="http://nwtime.org/security-policy/">Security Notice</a><br /> <br /> Cisco has released software updates that address these vulnerabilities.<br /> <br /> Workarounds that address some of these vulnerabilities may be available. &nbsp;The workarounds will be made present where available in the corresponding Cisco bug for each affected product.&nbsp;<br /> <br /> This advisory is available at the following link:<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd <br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016" border='0' height='0' width='0'></img>Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.<br /> <br /> On January 19th, 2016, NTP Consortium at Network Time Foundation released a security advisory detailing 12 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to shift a clients time. The vulnerabilities covered in this document are as follows:<br /> <ul> <li>CVE-2015-7973: Network Time Protocol Replay Attack on Authenticated Broadcast Mode Vulnerability </li> <li>CVE-2015-7974: Network Time Protocol Missing Trusted Key Check</li> <li>CVE-2015-7975: Standard Network Time Protocol Query Program nextvar() Missing Length Check</li> <li>CVE-2015-7976: Standard Network Time Protocol Query Program saveconfig Command Allows Dangerous Characters in Filenames</li> <li>CVE-2015-7978: Network Time Protocol Daemon reslist NULL Pointer Deference Denial of Service Vulnerability</li> <li>CVE-2015-7977: Network Time Protocol Stack Exhaustion Denial of Service</li> <li>CVE-2015-7979: Network Time Protocol Off-Path Broadcast Mode Denial of Service </li> <li>CVE-2015-8138: Network Time Protocol Zero Origin Timestamp Bypass</li> <li>CVE-2015-8139: Network Time Protocol Information Disclosure of Origin Timestamp</li> <li>CVE-2015-8140: Standard Network Time Protocol Query Program Replay Attack</li> <li>CVE-2015-8158: Standard and Special Network Time Protocol Query Program Infinite loop</li> </ul> Additional details on each of the vulnerabilities can be found in the official security advisory from the NTP Consortium at Network Time Foundation at the following link: <a href="http://nwtime.org/security-policy/">Security Notice</a><br /> <br /> Cisco has released software updates that address these vulnerabilities.<br /> <br /> Workarounds that address some of these vulnerabilities may be available. &nbsp;The workarounds will be made present where available in the corresponding Cisco bug for each affected product.&nbsp;<br /> <br /> This advisory is available at the following link:<br /> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd <br /> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158 Thu, 04 Feb 2016 14:55:35 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd Cisco Jabber STARTTLS Downgrade Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Jabber%20STARTTLS%20Downgrade%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Jabber STARTTLS Downgrade Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Jabber client could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack. <br /> <br /> The vulnerability exists because the client does not verify that an Extensible Messaging and Presence Protocol (XMPP) connection has been established with Transport Layer Security (TLS). An attacker could exploit this vulnerability by performing a man-in-the-middle attack to tamper with the XMPP connection and avoid TLS negotiation. A successful exploit could allow the attacker to cause the client to establish a cleartext XMPP connection.<br /> <br /> Cisco will release software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Jabber STARTTLS Downgrade Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Jabber client could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack. <br /> <br /> The vulnerability exists because the client does not verify that an Extensible Messaging and Presence Protocol (XMPP) connection has been established with Transport Layer Security (TLS). An attacker could exploit this vulnerability by performing a man-in-the-middle attack to tamper with the XMPP connection and avoid TLS negotiation. A successful exploit could allow the attacker to cause the client to establish a cleartext XMPP connection.<br /> <br /> Cisco will release software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6409 Wed, 03 Feb 2016 21:33:10 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab Cisco Adaptive Security Appliance Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to access sensitive data, including the ASA Software version that is currently running on the appliance.<br /> <br /> The vulnerability occurs because the Cisco ASA does not sufficiently protect sensitive data during a Cisco AnyConnect client authentication attempt. An attacker could exploit the vulnerability by attempting to authenticate to the Cisco ASA with AnyConnect.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to access sensitive data, including the ASA Software version that is currently running on the appliance.<br /> <br /> The vulnerability occurs because the Cisco ASA does not sufficiently protect sensitive data during a Cisco AnyConnect client authentication attempt. An attacker could exploit the vulnerability by attempting to authenticate to the Cisco ASA with AnyConnect.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1295 Wed, 03 Feb 2016 20:58:51 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-uc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unity%20Connection%20Web%20Framework%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to execute a cross-site scripting (XSS) attack.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability by convincing a user to access a malicious link. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-uc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-uc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to execute a cross-site scripting (XSS) attack.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability by convincing a user to access a malicious link. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-uc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-uc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1310 Wed, 03 Feb 2016 20:30:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-uc Cisco Jabber Guest Server HTTP Web-Based Management Interface Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-jgs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Jabber%20Guest%20Server%20HTTP%20Web-Based%20Management%20Interface%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Jabber Guest Server HTTP Web-Based Management Interface Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of the Cisco Jabber Guest application could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.<br /> <br /> The vulnerability is due to insufficient input validation of the HTTP host tag parameter. An attacker could exploit this vulnerability by convincing a user to click a specific link.<br /> <br /> Additional information about XSS attacks and potential mitigations is at the following links:<br /> <br /> <blockquote> <a href="http://www.cisco.com/en/US/products/cmb/cisco-amb-20060922-understanding-xss.html">Understanding Cross-Site Scripting Threat Vectors</a><br /> <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">Cross-Site Scripting</a> </blockquote><br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-jgs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-jgs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Jabber Guest Server HTTP Web-Based Management Interface Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of the Cisco Jabber Guest application could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.<br /> <br /> The vulnerability is due to insufficient input validation of the HTTP host tag parameter. An attacker could exploit this vulnerability by convincing a user to click a specific link.<br /> <br /> Additional information about XSS attacks and potential mitigations is at the following links:<br /> <br /> <blockquote> <a href="http://www.cisco.com/en/US/products/cmb/cisco-amb-20060922-understanding-xss.html">Understanding Cross-Site Scripting Threat Vectors</a><br /> <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">Cross-Site Scripting</a> </blockquote><br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-jgs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-jgs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1311 Wed, 03 Feb 2016 20:15:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-jgs Cisco Unified Communications Manager SQL Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-ucm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20SQL%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager SQL Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries.<br /> <br /> The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected system. An exploit could allow the attacker to determine the presence of certain values in the database.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-ucm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-ucm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager SQL Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries.<br /> <br /> The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected system. An exploit could allow the attacker to determine the presence of certain values in the database.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-ucm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-ucm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1308 Wed, 03 Feb 2016 19:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-ucm Cisco Application Policy Infrastructure Controller Access Control Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Access%20Control%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Access Control Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the role-based access control (RBAC) of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated remote user to make configuration changes outside of their configured access privileges. &nbsp;<br /> <br /> The vulnerability is due to eligibility logic in the RBAC processing code. An authenticated user could exploit this vulnerability by sending specially crafted representational state transfer (REST) requests to the APIC. An exploit could allow the authenticated user to make configuration changes to the APIC beyond the configured privilege for their role.<br /> <br /> Cisco has released software updates that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic</a><br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Access Control Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the role-based access control (RBAC) of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated remote user to make configuration changes outside of their configured access privileges. &nbsp;<br /> <br /> The vulnerability is due to eligibility logic in the RBAC processing code. An authenticated user could exploit this vulnerability by sending specially crafted representational state transfer (REST) requests to the APIC. An exploit could allow the authenticated user to make configuration changes to the APIC beyond the configured privilege for their role.<br /> <br /> Cisco has released software updates that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic</a><br /> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1302 Wed, 03 Feb 2016 16:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA-CX%20and%20Cisco%20Prime%20Security%20Manager%20Privilege%20Escalation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the role-based access control of Cisco ASA-CX and&nbsp;Cisco Prime Security Manager (PRSM) could allow an authenticated, remote attacker to change the password of any user on the system.<br /> <br /> The vulnerability exists because the password change request is not fully qualified. An authenticated attacker with a user role other than <em>Administrator </em>could exploit this vulnerability by sending a specially crafted HTTP request to the Cisco PRSM. An exploit could allow the attacker to change the password of any user on the system, including users with the <em>Administrator </em>role.<br /><br /> Cisco has released software updates that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm</a><br /> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the role-based access control of Cisco ASA-CX and&nbsp;Cisco Prime Security Manager (PRSM) could allow an authenticated, remote attacker to change the password of any user on the system.<br /> <br /> The vulnerability exists because the password change request is not fully qualified. An authenticated attacker with a user role other than <em>Administrator </em>could exploit this vulnerability by sending a specially crafted HTTP request to the Cisco PRSM. An exploit could allow the attacker to change the password of any user on the system, including users with the <em>Administrator </em>role.<br /><br /> Cisco has released software updates that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm</a><br /> <br/>Security Impact Rating: High <br/>CVE: CVE-2016-1301 Wed, 03 Feb 2016 16:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20ACI%20Mode%20Switch%20ICMP%20Record%20Route%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the ICMP implementation in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch could allow an unauthenticated, remote attacker to cause the switch to reload, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper handling of an ICMP packet with the IPv4 Type 7 option for record route. An attacker could exploit this vulnerability by sending an ICMP packet with the record route option to an interface on the affected switch. An exploit could allow the attacker to cause a DoS condition because the switch will reload each time the ICMP packet is received.<br /> <br /> Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the ICMP implementation in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch could allow an unauthenticated, remote attacker to cause the switch to reload, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper handling of an ICMP packet with the IPv4 Type 7 option for record route. An attacker could exploit this vulnerability by sending an ICMP packet with the record route option to an interface on the affected switch. An exploit could allow the attacker to cause a DoS condition because the switch will reload each time the ICMP packet is received.<br /> <br /> Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-6398 Wed, 03 Feb 2016 16:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Finesse%20Desktop%20and%20Cisco%20Unified%20Contact%20Center%20Express%20Applications%20XMPP%20Unauthorized%20Access%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) in the Cisco Finesse Desktop and Cisco Unified Contact Center Express applications could allow an unauthenticated, remote attacker to log in to the device with a default account with a static password. This account provides nonadministrative access to the Openfire server bundled with the application.<br /> &nbsp;<br /> The vulnerability occurs because a default user account is created at installation and the account password cannot be changed. An attacker could exploit this vulnerability by logging in using XMPP to access the Openfire server using the default account. The attacker could log in using the default account and gain unauthorized access to the Openfire server, which allows sensitive data to be viewed and modified.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) in the Cisco Finesse Desktop and Cisco Unified Contact Center Express applications could allow an unauthenticated, remote attacker to log in to the device with a default account with a static password. This account provides nonadministrative access to the Openfire server bundled with the application.<br /> &nbsp;<br /> The vulnerability occurs because a default user account is created at installation and the account password cannot be changed. An attacker could exploit this vulnerability by logging in using XMPP to access the Openfire server using the default account. The attacker could log in using the default account and gain unauthorized access to the Openfire server, which allows sensitive data to be viewed and modified.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1307 Tue, 02 Feb 2016 17:32:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce Vulnerability in Java Deserialization Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Vulnerability%20in%20Java%20Deserialization%20Affecting%20Cisco%20Products&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Vulnerability in Java Deserialization Affecting Cisco Products" border='0' height='0' width='0'></img>A vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code.<br /> <br /> The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by submitting crafted input to an application on a targeted system that uses the ACC library. After the vulnerable library on the affected system deserializes the content, the attacker could execute arbitrary code on the system, which could be used to conduct further attacks.<br /> <br /> On November 6, 2015, Foxglove Security Group published information about a remote code execution vulnerability that affects multiple releases of the ACC library. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. This is a remotely exploitable vulnerability that allows an attacker to inject any malicious code or execute any commands that exist on the server. A wide range of potential impacts includes allowing the attacker to obtain sensitive information.<br /> <br /> Object serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object. This vulnerability occurs in Java object serialization for network transport and object deserialization on the receiving side.<br /> <br /> Many applications accept serialized objects from the network without performing input validation checks before deserializing it. Crafted serialized objects can therefore lead to execution of arbitrary attacker code.<br /> <br /> Although the problem itself is in the serialization and deserialization functionality of the Java programming language, the ACC library is known to be affected by this vulnerability. Any application or application framework could be vulnerable if it uses the ACC library and deserializes arbitrary, user-supplied Java serialized data.<br /> <br /> Additional details about the vulnerability are available at the following links:<br /> <div><br /> </div> <a href="http://www.kb.cert.org/vuls/id/576313">Official Vulnerability Note from CERT</a><br /> <a href="http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/">Foxglove Security</a><br /> <a href="https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread">Apache Commons Statement</a><br /> <a href="https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852">Oracle Security Alert</a><br /> <div><br /> </div> Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Vulnerability in Java Deserialization Affecting Cisco Products" border='0' height='0' width='0'></img>A vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code.<br /> <br /> The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by submitting crafted input to an application on a targeted system that uses the ACC library. After the vulnerable library on the affected system deserializes the content, the attacker could execute arbitrary code on the system, which could be used to conduct further attacks.<br /> <br /> On November 6, 2015, Foxglove Security Group published information about a remote code execution vulnerability that affects multiple releases of the ACC library. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. This is a remotely exploitable vulnerability that allows an attacker to inject any malicious code or execute any commands that exist on the server. A wide range of potential impacts includes allowing the attacker to obtain sensitive information.<br /> <br /> Object serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object. This vulnerability occurs in Java object serialization for network transport and object deserialization on the receiving side.<br /> <br /> Many applications accept serialized objects from the network without performing input validation checks before deserializing it. Crafted serialized objects can therefore lead to execution of arbitrary attacker code.<br /> <br /> Although the problem itself is in the serialization and deserialization functionality of the Java programming language, the ACC library is known to be affected by this vulnerability. Any application or application framework could be vulnerable if it uses the ACC library and deserializes arbitrary, user-supplied Java serialized data.<br /> <br /> Additional details about the vulnerability are available at the following links:<br /> <div><br /> </div> <a href="http://www.kb.cert.org/vuls/id/576313">Official Vulnerability Note from CERT</a><br /> <a href="http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/">Foxglove Security</a><br /> <a href="https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread">Apache Commons Statement</a><br /> <a href="https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852">Oracle Security Alert</a><br /> <div><br /> </div> Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-6420 Tue, 02 Feb 2016 14:52:21 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization Cisco Application Policy Infrastructure Controller Enterprise Module Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Enterprise%20Module%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Enterprise Module Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to execute a cross-site scripting (XSS) attack.<br /> &nbsp;<br /> The vulnerability is due to insufficient sanitization of HTML entities returned to the end user. An attacker could exploit this vulnerability by convincing a user to access a malicious link. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Enterprise Module Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to execute a cross-site scripting (XSS) attack.<br /> &nbsp;<br /> The vulnerability is due to insufficient sanitization of HTML entities returned to the end user. An attacker could exploit this vulnerability by convincing a user to access a malicious link. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1305 Mon, 01 Feb 2016 21:27:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em Cisco Fog Director Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Fog%20Director%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Fog Director Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Fog Director web framework could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software.<br /> <br /> The vulnerability is due to insufficient input validation for some of the parameters that are passed to the web server. An attacker could exploit this vulnerability by persuading a user to follow a malicious link or by intercepting and injecting malicious code into a user request. A successful exploit could allow the attacker to execute arbitrary script in the context of the affected site or access sensitive browser-based information.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Fog Director Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Fog Director web framework could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software.<br /> <br /> The vulnerability is due to insufficient input validation for some of the parameters that are passed to the web server. An attacker could exploit this vulnerability by persuading a user to follow a malicious link or by intercepting and injecting malicious code into a user request. A successful exploit could allow the attacker to execute arbitrary script in the context of the affected site or access sensitive browser-based information.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1306 Mon, 01 Feb 2016 10:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd Cisco Small Business 500 Series Switches Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-sbs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Small%20Business%20500%20Series%20Switches%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Small Business 500 Series Switches Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of the Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> <br /> The vulnerability is due to insufficient handling of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-sbs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-sbs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Small Business 500 Series Switches Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of the Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> <br /> The vulnerability is due to insufficient handling of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-sbs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-sbs</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1303 Thu, 28 Jan 2016 21:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-sbs Cisco Unity Connection User Search Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-uc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unity%20Connection%20User%20Search%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection User Search Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system's web interface.<br /> <br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click on a specific link.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-uc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-uc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection User Search Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system's web interface.<br /> <br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click on a specific link.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-uc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-uc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1304 Thu, 28 Jan 2016 21:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-uc Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Computing%20System%20Manager%20and%20Cisco%20Firepower%209000%20Remote%20Command%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in a CGI script in the Cisco Unified Computing System (UCS) Manager and the Cisco Firepower 9000 Series appliance could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance.<br /> <br /> The vulnerability is due to unprotected calling of shell commands in the CGI script. An attacker could exploit this vulnerability by sending a crafted HTTP request to the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance. An exploit could allow the attacker to execute arbitrary commands on the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance.<br /> <br /> Cisco has released software updates that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in a CGI script in the Cisco Unified Computing System (UCS) Manager and the Cisco Firepower 9000 Series appliance could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance.<br /> <br /> The vulnerability is due to unprotected calling of shell commands in the CGI script. An attacker could exploit this vulnerability by sending a crafted HTTP request to the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance. An exploit could allow the attacker to execute arbitrary commands on the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance.<br /> <br /> Cisco has released software updates that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2015-6435 Wed, 27 Jan 2016 20:05:05 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20ntpd%20Affecting%20Cisco%20Products%20-%20October%202015&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015" border='0' height='0' width='0'></img>Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server.<br /> <br /> On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:&nbsp;<br /> <ul> <li>CVE-2015-7691 -&nbsp;Denial of Service AutoKey Malicious Message</li> <li>CVE-2015-7692 -&nbsp;Denial of Service AutoKey Malicious Message</li> <li>CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak</li> <li>CVE-2015-7702 - Denial of Service AutoKey Malicious Message</li> <li>CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability</li> <li>CVE-2015-7704 -&nbsp;Denial of Service by Spoofed Kiss-o'-Death</li> <li>CVE-2015-7705 -&nbsp;Denial of Service by Priming the Pump</li> <li>CVE-2015-7848 -&nbsp;Network Time Protocol ntpd Multiple Integer Overflow Read Access Violations</li> <li>CVE-2015-7849 -&nbsp;Network Time Protocol Trusted Keys Memory Corruption Vulnerability</li> <li>CVE-2015-7850 -&nbsp;Network Time Protocol Remote Configuration Denial of Service Vulnerability</li> <li>CVE-2015-7851 -&nbsp;Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability</li> <li>CVE-2015-7852 -&nbsp;Network Time Protocol ntpq atoascii Memory Corruption Vulnerability</li> <li>CVE-2015-7853 -&nbsp;Network Time Protocol Reference Clock Memory Corruption Vulnerability</li> <li>CVE-2015-7854 -&nbsp;Network Time Protocol Password Length Memory Corruption Vulnerability</li> <li>CVE-2015-7855 - Denial of Service Long Control Packet Message&nbsp;</li> <li>CVE-2015-7871 -&nbsp;NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability</li> </ul> Additional details on each of the vulnerabilities can be found at the following links:<br /> <br /> Official Security Advisory from ntp.org: <a href="http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities">Security Notice</a><br /> Boston University:&nbsp;<a href="http://www.cs.bu.edu/~goldbe/NTPattack.html">Attacking the Network Time Protocol</a><br /> Cisco TALOS: <a href="http://talosintel.com/vulnerability-reports/">TALOS Vulnerability Reports</a><br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details.&nbsp;<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015" border='0' height='0' width='0'></img>Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server.<br /> <br /> On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:&nbsp;<br /> <ul> <li>CVE-2015-7691 -&nbsp;Denial of Service AutoKey Malicious Message</li> <li>CVE-2015-7692 -&nbsp;Denial of Service AutoKey Malicious Message</li> <li>CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak</li> <li>CVE-2015-7702 - Denial of Service AutoKey Malicious Message</li> <li>CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability</li> <li>CVE-2015-7704 -&nbsp;Denial of Service by Spoofed Kiss-o'-Death</li> <li>CVE-2015-7705 -&nbsp;Denial of Service by Priming the Pump</li> <li>CVE-2015-7848 -&nbsp;Network Time Protocol ntpd Multiple Integer Overflow Read Access Violations</li> <li>CVE-2015-7849 -&nbsp;Network Time Protocol Trusted Keys Memory Corruption Vulnerability</li> <li>CVE-2015-7850 -&nbsp;Network Time Protocol Remote Configuration Denial of Service Vulnerability</li> <li>CVE-2015-7851 -&nbsp;Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability</li> <li>CVE-2015-7852 -&nbsp;Network Time Protocol ntpq atoascii Memory Corruption Vulnerability</li> <li>CVE-2015-7853 -&nbsp;Network Time Protocol Reference Clock Memory Corruption Vulnerability</li> <li>CVE-2015-7854 -&nbsp;Network Time Protocol Password Length Memory Corruption Vulnerability</li> <li>CVE-2015-7855 - Denial of Service Long Control Packet Message&nbsp;</li> <li>CVE-2015-7871 -&nbsp;NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability</li> </ul> Additional details on each of the vulnerabilities can be found at the following links:<br /> <br /> Official Security Advisory from ntp.org: <a href="http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities">Security Notice</a><br /> Boston University:&nbsp;<a href="http://www.cs.bu.edu/~goldbe/NTPattack.html">Attacking the Network Time Protocol</a><br /> Cisco TALOS: <a href="http://talosintel.com/vulnerability-reports/">TALOS Vulnerability Reports</a><br /> <br /> Cisco will release software updates that address these vulnerabilities.<br /> <br /> Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details.&nbsp;<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871 Wed, 27 Jan 2016 19:20:38 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-uc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unity%20Connection%20Web%20Framework%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unity Connection (UC) could allow an unauthenticated, remote attacker to execute a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability by convincing a user to access a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-uc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-uc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of Cisco Unity Connection (UC) could allow an unauthenticated, remote attacker to execute a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability by convincing a user to access a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-uc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-uc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1300 Wed, 27 Jan 2016 17:21:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-uc Cisco RV220W Management Authentication Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20RV220W%20Management%20Authentication%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV220W Management Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV220W Wireless Network Security Firewall devices could allow an unauthenticated, remote attacker to bypass authentication and gain administrative privileges on a targeted device.<br /> <br /> The vulnerability is due to insufficient input validation of HTTP request headers that are sent to the web-based management interface of an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted HTTP request that contains malicious SQL statements to the management interface of a targeted device. Depending on whether remote management is configured for the device, the management interface may use the SQL code in the HTTP request header to determine user privileges for the device. A successful exploit could allow the attacker to bypass authentication on the management interface and gain administrative privileges on the device.<br /> Cisco released a firmware update that addresses this vulnerability. There are workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <p> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220</a></p> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco RV220W Management Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;RV220W Wireless Network Security Firewall devices could allow an unauthenticated, remote attacker to bypass authentication and gain administrative privileges on a targeted device.<br /> <br /> The vulnerability is due to insufficient input validation of HTTP request headers that are sent to the web-based management interface of an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted HTTP request that contains malicious SQL statements to the management interface of a targeted device. Depending on whether remote management is configured for the device, the management interface may use the SQL code in the HTTP request header to determine user privileges for the device. A successful exploit could allow the attacker to bypass authentication on the management interface and gain administrative privileges on the device.<br /> Cisco released a firmware update that addresses this vulnerability. There are workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <p> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220</a></p> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2015-6319 Wed, 27 Jan 2016 16:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220 Cisco Wide Area Application Service CIFS Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Wide%20Area%20Application%20Service%20CIFS%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Wide Area Application Service CIFS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Common Internet File System (CIFS) optimization feature of the Cisco Wide Area Application Service (WAAS) device could allow an unauthenticated, remote attacker&nbsp;to perform a resource consumption attack which, could result in a complete denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to insufficient flow handling of incoming CIFS traffic. An attacker could exploit this vulnerability by sending malicious traffic designed to trigger the vulnerability. An exploit could allow the attacker to cause a DoS condition by exhausting system buffering resources, resulting in a reload of the affected device.<br /> <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Wide Area Application Service CIFS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Common Internet File System (CIFS) optimization feature of the Cisco Wide Area Application Service (WAAS) device could allow an unauthenticated, remote attacker&nbsp;to perform a resource consumption attack which, could result in a complete denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to insufficient flow handling of incoming CIFS traffic. An attacker could exploit this vulnerability by sending malicious traffic designed to trigger the vulnerability. An exploit could allow the attacker to cause a DoS condition by exhausting system buffering resources, resulting in a reload of the affected device.<br /> <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-6421 Wed, 27 Jan 2016 16:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs Cisco Small Business SG300 Managed Switch Web Framework GUI Function Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Small%20Business%20SG300%20Managed%20Switch%20Web%20Framework%20GUI%20Function%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Small Business SG300 Managed Switch Web Framework GUI Function Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the GUI function in the web framework code of Cisco Small Business SG300 Managed Switches could allow an unauthenticated, remote attacker to cause the HTTPS process to become unresponsive, resulting in a partial denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to improper handling, processing, and termination of HTTPS connections. An attacker could exploit this vulnerability by sending crafted HTTPS requests to management-enabled interfaces of an affected system.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Small Business SG300 Managed Switch Web Framework GUI Function Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the GUI function in the web framework code of Cisco Small Business SG300 Managed Switches could allow an unauthenticated, remote attacker to cause the HTTPS process to become unresponsive, resulting in a partial denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to improper handling, processing, and termination of HTTPS connections. An attacker could exploit this vulnerability by sending crafted HTTPS requests to management-enabled interfaces of an affected system.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1299 Wed, 27 Jan 2016 09:30:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms Cisco Residential Gateway Devices Cross-Site Request Forgery Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-gateway?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Residential%20Gateway%20Devices%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Residential Gateway Devices Cross-Site Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with Embedded Digital Voice Adapter (EDVA) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface.<br /> &nbsp;<br /> The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by convincing the user of the affected system to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow an attacker to submit arbitrary requests to the affected device via the affected web browser with the privileges of the user.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This vulnerability was reported to Cisco by Chris Watts of Tech Analysis. Cisco would like to thank him for reporting this vulnerability to Cisco PSIRT.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-gateway">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-gateway</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Residential Gateway Devices Cross-Site Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with Embedded Digital Voice Adapter (EDVA) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface.<br /> &nbsp;<br /> The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by convincing the user of the affected system to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow an attacker to submit arbitrary requests to the affected device via the affected web browser with the privileges of the user.<br /> <br /> Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This vulnerability was reported to Cisco by Chris Watts of Tech Analysis. Cisco would like to thank him for reporting this vulnerability to Cisco PSIRT.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-gateway">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-gateway</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6378 Mon, 25 Jan 2016 20:04:44 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-gateway Cisco Model DPQ3925 Wireless Residential Gateway Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-gateway?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Model%20DPQ3925%20Wireless%20Residential%20Gateway%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Model DPQ3925 Wireless Residential Gateway Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP server on the Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with Embedded Digital Voice Adapter (EDVA) could allow an unauthenticated, remote attacker to access sensitive information located on the device.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to access sensitive information from the device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. <br /> <br /> <span style="background-color: #e6e6e6;">This vulnerability was reported to Cisco by Chris Watts of Tech Analysis. Cisco would like to thank him for reporting this issue to Cisco PSIRT.</span><br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-gateway">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-gateway</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Model DPQ3925 Wireless Residential Gateway Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP server on the Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with Embedded Digital Voice Adapter (EDVA) could allow an unauthenticated, remote attacker to access sensitive information located on the device.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to access sensitive information from the device.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. <br /> <br /> <span style="background-color: #e6e6e6;">This vulnerability was reported to Cisco by Chris Watts of Tech Analysis. Cisco would like to thank him for reporting this issue to Cisco PSIRT.</span><br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-gateway">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-gateway</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6428 Mon, 25 Jan 2016 17:10:16 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-gateway Cisco Application Policy Infrastructure Controller Enterprise Module SNMP Hostname Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Enterprise%20Module%20SNMP%20Hostname%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Enterprise Module SNMP Hostname Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Simple Network Management Protocol (SNMP) query process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An attacker could exploit this vulnerability by having a device send a malicious hostname response to an SNMP request that is sent by the affected software. A successful exploit could allow the attacker to execute arbitrary code in the context of the affected site and access sensitive browser-based information.<br /> <br /> Cisco has not released updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Application Policy Infrastructure Controller Enterprise Module SNMP Hostname Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Simple Network Management Protocol (SNMP) query process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An attacker could exploit this vulnerability by having a device send a malicious hostname response to an SNMP request that is sent by the affected software. A successful exploit could allow the attacker to execute arbitrary code in the context of the affected site and access sensitive browser-based information.<br /> <br /> Cisco has not released updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6337 Mon, 25 Jan 2016 14:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api Cisco Unified Contact Center Express Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Contact%20Center%20Express%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Contact Center Express Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of the Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. This vulnerability applies to all Permanent Web Links (permalinks) accessible from the web interface.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click on a specific link.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Contact Center Express Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the HTTP web-based management interface of the Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. This vulnerability applies to all Permanent Web Links (permalinks) accessible from the web interface.<br /> &nbsp;<br /> The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click on a specific link.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1298 Mon, 25 Jan 2016 00:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Cisco%20Products%20Confidential%20Information%20Decryption%20Man-in-the-Middle%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the cryptographic implementation of multiple Cisco products could allow an unauthenticated, remote attacker to make use of hard-coded certificate and keys embedded within the firmware of the affected device.<br /> <br /> The vulnerability is due to the lack of unique key and certificate generation within affected appliances. An attacker could exploit this vulnerability by using the static information to conduct man-in-the-middle attacks to decrypt confidential information on user connections.<br /> <br /> This is an attack on the client attempting to access the device and does not compromise the device itself. To exploit the issue, an attacker needs not only the public and private key pair but also a privileged position in the network that would allow him or her to&nbsp; monitor the traffic between client and server, intercept the traffic, and modify or inject its own traffic. There are no workarounds that address this vulnerability. <br /> <br /> Cisco has not released software updates that address this vulnerability.&nbsp; <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the cryptographic implementation of multiple Cisco products could allow an unauthenticated, remote attacker to make use of hard-coded certificate and keys embedded within the firmware of the affected device.<br /> <br /> The vulnerability is due to the lack of unique key and certificate generation within affected appliances. An attacker could exploit this vulnerability by using the static information to conduct man-in-the-middle attacks to decrypt confidential information on user connections.<br /> <br /> This is an attack on the client attempting to access the device and does not compromise the device itself. To exploit the issue, an attacker needs not only the public and private key pair but also a privileged position in the network that would allow him or her to&nbsp; monitor the traffic between client and server, intercept the traffic, and modify or inject its own traffic. There are no workarounds that address this vulnerability. <br /> <br /> Cisco has not released software updates that address this vulnerability.&nbsp; <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6358 Thu, 21 Jan 2016 19:17:10 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Modular%20Encoding%20Platform%20D9036%20Software%20Default%20Credentials%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco Modular Encoding Platform D9036 Software could allow an unauthenticated, remote attacker to log in to the system shell with the privileges of the <em>root </em>user. <br /> &nbsp;<br /> The vulnerability occurs because the <em>root </em>user has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH using this account. Successful exploitation could allow the attacker to access the system with the privileges of the <em>root </em>user.<br /> <br /> In addition to the <em class="moz-txt-slash"><span class="moz-txt-tag"></span>root<span class="moz-txt-tag"></span></em> user, the <em class="moz-txt-slash"><span class="moz-txt-tag"></span>guest<span class="moz-txt-tag"></span></em> user account also has a default and static password. The <em class="moz-txt-slash"><span class="moz-txt-tag"></span>guest<span class="moz-txt-tag"></span></em> account is created at installation and cannot be changed or deleted without impacting the functionality of the system. However, this account has limited privileges on the system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco Modular Encoding Platform D9036 Software could allow an unauthenticated, remote attacker to log in to the system shell with the privileges of the <em>root </em>user. <br /> &nbsp;<br /> The vulnerability occurs because the <em>root </em>user has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH using this account. Successful exploitation could allow the attacker to access the system with the privileges of the <em>root </em>user.<br /> <br /> In addition to the <em class="moz-txt-slash"><span class="moz-txt-tag"></span>root<span class="moz-txt-tag"></span></em> user, the <em class="moz-txt-slash"><span class="moz-txt-tag"></span>guest<span class="moz-txt-tag"></span></em> user account also has a default and static password. The <em class="moz-txt-slash"><span class="moz-txt-tag"></span>guest<span class="moz-txt-tag"></span></em> account is created at installation and cannot be changed or deleted without impacting the functionality of the system. However, this account has limited privileges on the system.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2015-6412 Wed, 20 Jan 2016 16:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036 Cisco Adaptive Security Appliance Non-DCERPC Traffic Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Non-DCERPC%20Traffic%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance Non-DCERPC Traffic Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Distributed Computing Environment/Remote Procedure Calls (DCERPC) Inspection feature of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to send traffic that is not DCERPC between hosts configured only for DCERPC inspection. The DCERPC traffic should be allowed only on TCP port 135.<br /> <br /> The vulnerability is due to an internal access control list (ACL), which is used to allow DCERPC traffic but is incorrectly programmed to allow all traffic types and not restricted to DCERPC TCP port 135. An attacker could exploit this vulnerability by sending non-DCERPC traffic between hosts configured for DCERPC inspection that would normally be dropped. An exploit could allow the attacker to access hosts that should normally be restricted through the ASA.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Adaptive Security Appliance Non-DCERPC Traffic Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Distributed Computing Environment/Remote Procedure Calls (DCERPC) Inspection feature of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to send traffic that is not DCERPC between hosts configured only for DCERPC inspection. The DCERPC traffic should be allowed only on TCP port 135.<br /> <br /> The vulnerability is due to an internal access control list (ACL), which is used to allow DCERPC traffic but is incorrectly programmed to allow all traffic types and not restricted to DCERPC TCP port 135. An attacker could exploit this vulnerability by sending non-DCERPC traffic between hosts configured for DCERPC inspection that would normally be dropped. An exploit could allow the attacker to access hosts that should normally be restricted through the ASA.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6423 Wed, 20 Jan 2016 15:42:34 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa Cisco Identity Services Engine Unauthorized Access Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Identity%20Services%20Engine%20Unauthorized%20Access%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Identity Services Engine Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>Cisco Identity Services Engine versions prior to 2.0 contain a vulnerability that could allow a low-privileged authenticated, remote attacker to access specific web resources that are designed to be accessed only by higher-privileged administrative users.<br /> <br /> The vulnerability occurs because specific types of web resources are not correctly filtered for administrative users with different privileges. An attacker could exploit this vulnerability by authenticating at a low-privileged account and then accessing the web resources directly. An exploit could allow the attacker to access web pages that are reserved for higher-privileged administrative users.<br /> <br /> Cisco has released software updates that address these vulnerabilities. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Identity Services Engine Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>Cisco Identity Services Engine versions prior to 2.0 contain a vulnerability that could allow a low-privileged authenticated, remote attacker to access specific web resources that are designed to be accessed only by higher-privileged administrative users.<br /> <br /> The vulnerability occurs because specific types of web resources are not correctly filtered for administrative users with different privileges. An attacker could exploit this vulnerability by authenticating at a low-privileged account and then accessing the web resources directly. An exploit could allow the attacker to access web pages that are reserved for higher-privileged administrative users.<br /> <br /> Cisco has released software updates that address these vulnerabilities. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6317 Tue, 19 Jan 2016 14:43:31 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2 Cisco Web Security Appliance Security Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20Security%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the proxy engine of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass security restrictions.<br /> &nbsp;<br /> The vulnerability is due to improper handling of malformed HTTP methods. An attacker could exploit this vulnerability by crafting an improper HTTP method. A successful exploit could allow the attacker to circumvent WSA functionality that prevents proxied network traffic.<br /> <br /> Cisco released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Web Security Appliance Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the proxy engine of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass security restrictions.<br /> &nbsp;<br /> The vulnerability is due to improper handling of malformed HTTP methods. An attacker could exploit this vulnerability by crafting an improper HTTP method. A successful exploit could allow the attacker to circumvent WSA functionality that prevents proxied network traffic.<br /> <br /> Cisco released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1296 Tue, 19 Jan 2016 08:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa Cisco FireSIGHT Management Center DOM-Based Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20FireSIGHT%20Management%20Center%20DOM-Based%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FireSIGHT Management Center DOM-Based Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>Cisco FireSIGHT Management Center (MC) contains a DOM-based cross-site scripting vulnerability (XSS) in the management page. An unauthenticated, remote attacker could persuade a user to perform a malicious action, allowing the attacker to perform a XSS attack.<br /> <br /> The vulnerability is due to mishandling of certain attributes that are processed in cookies passed as part of a request. A successful exploit could allow the attacker to execute arbitrary script or HTML code on the user's browser in the context of the affected site.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FireSIGHT Management Center DOM-Based Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>Cisco FireSIGHT Management Center (MC) contains a DOM-based cross-site scripting vulnerability (XSS) in the management page. An unauthenticated, remote attacker could persuade a user to perform a malicious action, allowing the attacker to perform a XSS attack.<br /> <br /> The vulnerability is due to mishandling of certain attributes that are processed in cookies passed as part of a request. A successful exploit could allow the attacker to execute arbitrary script or HTML code on the user's browser in the context of the affected site.<br /> <br /> Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1294 Fri, 15 Jan 2016 20:38:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1 Cisco FireSIGHT Management Center Stored Cross-Site Scripting Vulnerabilities http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20FireSIGHT%20Management%20Center%20Stored%20Cross-Site%20Scripting%20Vulnerabilities&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FireSIGHT Management Center Stored Cross-Site Scripting Vulnerabilities" border='0' height='0' width='0'></img>Multiple vulnerabilities in the web framework of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to execute a stored cross-site scripting (XSS) attack against a user of the Cisco FireSIGHT Management Center web interface.<br /> &nbsp;<br /> The vulnerabilities are due to improper sanitization of parameter values. An attacker could exploit these vulnerabilities by injecting malicious code into an affected parameter and persuading a user to access a web page that requires reading or executing the parameter.<br /> <br /> Cisco released software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FireSIGHT Management Center Stored Cross-Site Scripting Vulnerabilities" border='0' height='0' width='0'></img>Multiple vulnerabilities in the web framework of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to execute a stored cross-site scripting (XSS) attack against a user of the Cisco FireSIGHT Management Center web interface.<br /> &nbsp;<br /> The vulnerabilities are due to improper sanitization of parameter values. An attacker could exploit these vulnerabilities by injecting malicious code into an affected parameter and persuading a user to access a web page that requires reading or executing the parameter.<br /> <br /> Cisco released software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. <br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-1293 Fri, 15 Jan 2016 11:00:00 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT Cisco IOS XR Software OSPF Link State Advertisement PCE Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20OSPF%20Link%20State%20Advertisement%20PCE%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software OSPF Link State Advertisement PCE Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Open Shortest Path First (OSPF) Link State Advertisement (LSA) handling by Cisco&nbsp;IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to the number of OSPF Path Computation Elements (PCEs) that are configured for an OSPF LSA opaque area update. An attacker could exploit this vulnerability by sending a crafted OSPF LSA update to an affected device that is running the vulnerable software and OSPF configuration. A successful exploit could allow the attacker to cause a DoS condition due to the OSPF process restarting when the crafted OSPF LSA update is received.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software OSPF Link State Advertisement PCE Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Open Shortest Path First (OSPF) Link State Advertisement (LSA) handling by Cisco&nbsp;IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to the number of OSPF Path Computation Elements (PCEs) that are configured for an OSPF LSA opaque area update. An attacker could exploit this vulnerability by sending a crafted OSPF LSA update to an affected device that is running the vulnerable software and OSPF configuration. A successful exploit could allow the attacker to cause a DoS condition due to the OSPF process restarting when the crafted OSPF LSA update is received.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.<br /> <br /> This advisory is available at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6432 Thu, 14 Jan 2016 21:39:16 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20IPv6%20First%20Hop%20Security%20Denial%20of%20Service%20Vulnerabilities&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities" border='0' height='0' width='0'></img>Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.<br /> <br /> Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs</a><br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The September 23, 2015, release of the Cisco IOS and IOS XE Software Security Advisory bundled publication includes three Cisco Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: September 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html</a></p> </span> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities" border='0' height='0' width='0'></img>Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.<br /> <br /> Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs</a><br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The September 23, 2015, release of the Cisco IOS and IOS XE Software Security Advisory bundled publication includes three Cisco Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: September 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html</a></p> </span> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-6278,CVE-2015-6279 Thu, 14 Jan 2016 17:29:51 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20Virtual%20Routing%20and%20Forwarding%20ICMP%20Queue%20Wedge%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability" border='0' height='0' width='0'></img>A vulnerability within the virtual routing and forwarding (VRF) subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to a failure to properly process malicious ICMP version 4 (ICMPv4) messages received on a VRF-enabled interface. An attacker could exploit this vulnerability by submitting ICMPv4 messages designed to trigger the vulnerability on an affected device. When the ICMPv4 messages are processed, the packet queue of the affected interface may not be cleared, leading to a queue wedge. When a wedge occurs, the affected device will stop processing any additional packets received on the wedged interface.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge</a><br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The March 25, 2015, Cisco IOS &amp; XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS &amp; XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html</a></p> </span> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability" border='0' height='0' width='0'></img>A vulnerability within the virtual routing and forwarding (VRF) subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to a failure to properly process malicious ICMP version 4 (ICMPv4) messages received on a VRF-enabled interface. An attacker could exploit this vulnerability by submitting ICMPv4 messages designed to trigger the vulnerability on an affected device. When the ICMPv4 messages are processed, the packet queue of the affected interface may not be cleared, leading to a queue wedge. When a wedge occurs, the affected device will stop processing any additional packets received on the wedged interface.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge</a><br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The March 25, 2015, Cisco IOS &amp; XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS &amp; XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html</a></p> </span> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-0638 Thu, 14 Jan 2016 17:27:10 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20and%20IOS%20XE%20Software%20TCP%20Packet%20Memory%20Leak%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of the affected device.<br /> <br /> The vulnerability is due to improper handling of certain crafted packet sequences used in establishing a TCP three-way handshake. An attacker could exploit this vulnerability by sending a crafted sequence of TCP packets while establishing a three-way handshake. A successful exploit could allow the attacker to cause a memory leak and eventual reload of the affected device.<br /> <br /> There are no workarounds for this vulnerability.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak</a><br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The March 25, 2015, Cisco IOS &amp; XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS &amp; XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html</a></p> </span> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of the affected device.<br /> <br /> The vulnerability is due to improper handling of certain crafted packet sequences used in establishing a TCP three-way handshake. An attacker could exploit this vulnerability by sending a crafted sequence of TCP packets while establishing a three-way handshake. A successful exploit could allow the attacker to cause a memory leak and eventual reload of the affected device.<br /> <br /> There are no workarounds for this vulnerability.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak</a><br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The March 25, 2015, Cisco IOS &amp; XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS &amp; XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html</a></p> </span> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-0646 Thu, 14 Jan 2016 17:24:39 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20and%20IOS%20XE%20Software%20mDNS%20Gateway%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the multicast DNS (mDNS) gateway function of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to reload the vulnerable device.<br /> <br /> The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending malformed IP version 4 (IPv4) or IP version 6 (IPv6) packets on UDP port 5353. An exploit could allow the attacker to cause a denial of service (DoS) condition.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns</a>wo<br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The March 25, 2015, Cisco IOS &amp; XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS &amp; XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html</a></p> </span> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the multicast DNS (mDNS) gateway function of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to reload the vulnerable device.<br /> <br /> The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending malformed IP version 4 (IPv4) or IP version 6 (IPv6) packets on UDP port 5353. An exploit could allow the attacker to cause a denial of service (DoS) condition.<br /> <br /> Cisco has released software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns</a>wo<br /> <br /> <span id="ctl00_MainBodyContainer_DgFields_ctl02_lblField"><strong>Note:</strong> The March 25, 2015, Cisco IOS &amp; XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS &amp; XE Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html</a></p> </span> <br/>Security Impact Rating: High <br/>CVE: CVE-2015-0650 Thu, 14 Jan 2016 17:22:43 PST http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns