Cisco Security Advisory https://tools.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml en-us 1992-2010 Cisco Systems, Inc. All rights reserved. Cisco Security Advisory Cisco Systems, Inc. 15 Cisco TelePresence IX5000 Series Directory Traversal Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20IX5000%20Series%20Directory%20Traversal%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence IX5000 Series Directory Traversal Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using directory traversal techniques to read files within the Cisco TelePresence IX5000 Series filesystem.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence IX5000 Series Directory Traversal Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device.<br /> <br /> The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using directory traversal techniques to read files within the Cisco TelePresence IX5000 Series filesystem.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6652 Thu, 18 May 2017 17:04:13 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000 Cisco Policy Suite Privilege Escalation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Policy%20Suite%20Privilege%20Escalation%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Policy Suite Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to <em>root</em>.<br /> <br /> The vulnerability is due to incorrect <em>sudoers </em>permissions on the script file. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input at the CLI, using this script file to escalate their privilege level and execute commands as <em>root</em>. A successful exploit could allow the attacker to acquire <em>root-level</em> privileges and take full control of the appliance. The user has to be logged-in to the device with valid credentials for a specific set of users.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Policy Suite Privilege Escalation Vulnerability" border='0' height='0' width='0'></img>A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to <em>root</em>.<br /> <br /> The vulnerability is due to incorrect <em>sudoers </em>permissions on the script file. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input at the CLI, using this script file to escalate their privilege level and execute commands as <em>root</em>. A successful exploit could allow the attacker to acquire <em>root-level</em> privileges and take full control of the appliance. The user has to be logged-in to the device with valid credentials for a specific set of users.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6623 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps Cisco UCS C-Series Rack Servers TCP Port Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20UCS%20C-Series%20Rack%20Servers%20TCP%20Port%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS C-Series Rack Servers TCP Port Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP throttling process of Cisco&nbsp;UCS C-Series Rack Servers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> <br /> The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP SYN packets to a specific TCP listening port on an affected device. An exploit could allow the attacker to cause a specific TCP listening port to stop accepting new connections, resulting in a DoS condition.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco UCS C-Series Rack Servers TCP Port Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP throttling process of Cisco&nbsp;UCS C-Series Rack Servers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> <br /> The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP SYN packets to a specific TCP listening port on an affected device. An exploit could allow the attacker to cause a specific TCP listening port to stop accepting new connections, resulting in a DoS condition.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6633 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc Cisco Unified Communications Manager Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting&nbsp;(XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> For additional information about XSS attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin <a href="https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss">Understanding Cross-Site Scripting (XSS) Threat Vectors</a> and the OWASP reference page <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">Cross-site Scripting (XSS)</a>.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based management interface of Cisco&nbsp;Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting&nbsp;(XSS) attack against a user of the web-based management interface of an affected device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.<br /> <br /> For additional information about XSS attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin <a href="https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss">Understanding Cross-Site Scripting (XSS) Threat Vectors</a> and the OWASP reference page <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)">Cross-site Scripting (XSS)</a>.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6654 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm Cisco IP Phone 8851 Session Initiation Protocol Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IP%20Phone%208851%20Session%20Initiation%20Protocol%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP Phone 8851 Session Initiation Protocol Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco&nbsp;IP Phone 8851 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to an abnormal SIP message. An attacker could exploit this vulnerability by manipulating the CANCEL packet. An exploit could allow the attacker to cause a disruption of service to the phone.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IP Phone 8851 Session Initiation Protocol Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco&nbsp;IP Phone 8851 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to an abnormal SIP message. An attacker could exploit this vulnerability by manipulating the CANCEL packet. An exploit could allow the attacker to cause a disruption of service to the phone.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6630 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip Cisco Remote Expert Manager Temporary File Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Remote%20Expert%20Manager%20Temporary%20File%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Temporary File Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Temporary File Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6647 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7 Cisco Remote Expert Manager Order Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Remote%20Expert%20Manager%20Order%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Order Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Order Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6646 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6 Cisco Remote Expert Manager Virtual Temporary Directory Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Remote%20Expert%20Manager%20Virtual%20Temporary%20Directory%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Virtual Temporary Directory Information Disclosure Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Virtual Temporary Directory Information Disclosure Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6645 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5 Cisco Remote Expert Manager Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Remote%20Expert%20Manager%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. <br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. <br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6644 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4 Cisco Remote Expert Manager Virtual Directory Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Remote%20Expert%20Manager%20Virtual%20Directory%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Virtual Directory Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. <br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Virtual Directory Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. <br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6643 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3 Cisco Remote Expert Manager Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Remote%20Expert%20Manager%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Information Disclosure Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. <br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Information Disclosure Vulnerability " border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. <br /> <br /> The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6642 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2 Cisco Remote Expert Manager Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Remote%20Expert%20Manager%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP connection handling functionality of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service&nbsp;(DoS) condition on an affected system.<br /> <br /> The vulnerability is due to a lack of rate-limiting functionality in the TCP Listen application of the affected software. An attacker could exploit this vulnerability by sending a crafted TCP traffic stream in which specific types of TCP packets are flooded to an affected device, for example a TCP packet stream in which the TCP FIN bit is set in all the TCP packets. A successful exploit could allow the attacker to cause certain TCP listening ports on the affected system to stop accepting incoming connections for a period of time or until the affected device is restarted, resulting in a DoS condition. In addition, system resources, such as CPU and memory, could be exhausted during the attack.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Remote Expert Manager Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP connection handling functionality of Cisco&nbsp;Remote Expert Manager Software could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service&nbsp;(DoS) condition on an affected system.<br /> <br /> The vulnerability is due to a lack of rate-limiting functionality in the TCP Listen application of the affected software. An attacker could exploit this vulnerability by sending a crafted TCP traffic stream in which specific types of TCP packets are flooded to an affected device, for example a TCP packet stream in which the TCP FIN bit is set in all the TCP packets. A successful exploit could allow the attacker to cause certain TCP listening ports on the affected system to stop accepting incoming connections for a period of time or until the affected device is restarted, resulting in a DoS condition. In addition, system resources, such as CPU and memory, could be exhausted during the attack.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6641 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1 Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Provisioning%20Directory%20Traversal%20Arbitrary%20File%20Deletion%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.<br /> <br /> The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls&nbsp;(RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.<br /> <br /> The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls&nbsp;(RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6637 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5 Cisco Prime Collaboration Provisioning Directory Traversal Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Provisioning%20Directory%20Traversal%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Directory Traversal Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to view any file on an affected system.<br /> <br /> The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to view any file on the system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Directory Traversal Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to view any file on an affected system.<br /> <br /> The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to view any file on the system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6636 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4 Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Provisioning%20Directory%20Traversal%20Arbitrary%20File%20Deletion%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.<br /> <br /> The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls&nbsp;(RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco&nbsp;Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.<br /> <br /> The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls&nbsp;(RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6635 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3 Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Provisioning%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> The vulnerability is due to insufficient protection of sensitive data when responding to an HTTP request on the web interface. An attacker could exploit the vulnerability by sending a crafted HTTP request to the application to access specific system files. An exploit could allow the attacker to obtain sensitive information about the application which could include user credentials.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.<br /> <br /> The vulnerability is due to insufficient protection of sensitive data when responding to an HTTP request on the web interface. An attacker could exploit the vulnerability by sending a crafted HTTP request to the application to access specific system files. An exploit could allow the attacker to obtain sensitive information about the application which could include user credentials.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6621 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2 Cisco Prime Collaboration Provisioning Authentication Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Provisioning%20Authentication%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with <em>root </em>privileges.<br /> <br /> The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to bypass authentication and perform command injection in Cisco Prime Collaboration Provisioning with <em>root</em> privileges.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Prime Collaboration Provisioning Authentication Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with <em>root </em>privileges.<br /> <br /> The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to bypass authentication and perform command injection in Cisco Prime Collaboration Provisioning with <em>root</em> privileges.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-6622 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1 Cisco Nexus 5000 Series Switches Telnet CLI Command Injection Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%205000%20Series%20Switches%20Telnet%20CLI%20Command%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 5000 Series Switches Telnet CLI Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Telnet CLI command of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack.<br /> <br /> The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user&rsquo;s privilege level outside of the user&rsquo;s path.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 5000 Series Switches Telnet CLI Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Telnet CLI command of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack.<br /> <br /> The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user&rsquo;s privilege level outside of the user&rsquo;s path.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6650 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1 Cisco Nexus 5000 Series Switches CLI Command Injection Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%205000%20Series%20Switches%20CLI%20Command%20Injection%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 5000 Series Switches CLI Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack.<br /> <br /> The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user&rsquo;s privilege level outside of the user&rsquo;s path.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Nexus 5000 Series Switches CLI Command Injection Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack.<br /> <br /> The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user&rsquo;s privilege level outside of the user&rsquo;s path.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6649 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss Cisco Identity Services Engine GUI Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Identity%20Services%20Engine%20GUI%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Identity Services Engine GUI Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests.<br /> <br /> The vulnerability is due to insufficient TCP rate limiting protection on the GUI. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP connections to the GUI. An exploit could allow the attacker to cause the GUI to stop responding while the high rate of connections is in progress.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Identity Services Engine GUI Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests.<br /> <br /> The vulnerability is due to insufficient TCP rate limiting protection on the GUI. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP connections to the GUI. An exploit could allow the attacker to cause the GUI to stop responding while the high rate of connections is in progress.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6653 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise Cisco Industrial Ethernet 1000 Series Switches Device Manager Cross-Site Request Forgery Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ie1000csrf?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Industrial%20Ethernet%201000%20Series%20Switches%20Device%20Manager%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Industrial Ethernet 1000 Series Switches Device Manager Cross-Site Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Device Manager web interface of Cisco&nbsp;Industrial Ethernet 1000 Series Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery&nbsp;(CSRF) attack against a user of an affected system. <br /> <br /> The vulnerability is due to insufficient CSRF protection by the Device Manager web interface. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow the attacker to submit arbitrary requests to an affected device via the Device Manager web interface and with the privileges of the user.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ie1000csrf">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ie1000csrf</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Industrial Ethernet 1000 Series Switches Device Manager Cross-Site Request Forgery Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Device Manager web interface of Cisco&nbsp;Industrial Ethernet 1000 Series Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery&nbsp;(CSRF) attack against a user of an affected system. <br /> <br /> The vulnerability is due to insufficient CSRF protection by the Device Manager web interface. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow the attacker to submit arbitrary requests to an affected device via the Device Manager web interface and with the privileges of the user.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ie1000csrf">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ie1000csrf</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6634 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ie1000csrf Cisco FirePOWER System Software SSL Logging Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20FirePOWER%20System%20Software%20SSL%20Logging%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FirePOWER System Software SSL Logging Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the logging configuration of Secure Sockets Layer&nbsp;(SSL) policies for Cisco&nbsp;FirePOWER System Software could allow an unauthenticated, remote attacker to cause a denial of service&nbsp;(DoS) condition due to high consumption of system resources.<br /> <br /> The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device.<br /> <br /> There are workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco FirePOWER System Software SSL Logging Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the logging configuration of Secure Sockets Layer&nbsp;(SSL) policies for Cisco&nbsp;FirePOWER System Software could allow an unauthenticated, remote attacker to cause a denial of service&nbsp;(DoS) condition due to high consumption of system resources.<br /> <br /> The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device.<br /> <br /> There are workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6632 Wed, 17 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr Cisco Snort++ Protocol Decoder Denial of Service Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Snort++%20Protocol%20Decoder%20Denial%20of%20Service%20Vulnerabilities&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Snort++ Protocol Decoder Denial of Service Vulnerabilities" border='0' height='0' width='0'></img>Two vulnerabilities in the protocol decoders of Snort++ (Snort 3) could allow an unauthenticated, remote attacker to create a Denial of Service (DoS) condition.<br /> <br /> The vulnerabilities are due to lack of validation in the protocol decoders. An attacker could exploit these vulnerabilities by crafting a malicious packet and sending it through the targeted device. A successful exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.<br /> <br /> There are no workarounds that address these vulnerabilities. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Snort++ Protocol Decoder Denial of Service Vulnerabilities" border='0' height='0' width='0'></img>Two vulnerabilities in the protocol decoders of Snort++ (Snort 3) could allow an unauthenticated, remote attacker to create a Denial of Service (DoS) condition.<br /> <br /> The vulnerabilities are due to lack of validation in the protocol decoders. An attacker could exploit these vulnerabilities by crafting a malicious packet and sending it through the targeted device. A successful exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.<br /> <br /> There are no workarounds that address these vulnerabilities. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6657,CVE-2017-6658 Mon, 15 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort Cisco Integrated Management Controller User Session Hijacking Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Integrated%20Management%20Controller%20User%20Session%20Hijacking%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller User Session Hijacking Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system.<br /> <br /> The vulnerability exists because the affected software does not assign a new session identifier to a user session when a user authenticates to the web-based GUI. An attacker could exploit this vulnerability by using a hijacked session identifier to connect to the software through the web-based GUI. A successful exploit could allow the attacker to hijack an authenticated user&rsquo;s browser session on the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller User Session Hijacking Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system.<br /> <br /> The vulnerability exists because the affected software does not assign a new session identifier to a user session when a user authenticates to the web-based GUI. An attacker could exploit this vulnerability by using a hijacked session identifier to connect to the software through the web-based GUI. A successful exploit could allow the attacker to hijack an authenticated user&rsquo;s browser session on the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6617 Fri, 12 May 2017 17:17:38 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc2 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Integrated%20Management%20Controller%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to perform a persistent cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. A successful exploit could allow the attacker to execute arbitrary code in the context of the web-based GUI on the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller Cross-Site Scripting Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to perform a persistent cross-site scripting (XSS) attack.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. A successful exploit could allow the attacker to execute arbitrary code in the context of the web-based GUI on the affected system.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6618 Fri, 12 May 2017 17:17:36 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc1 Cisco Integrated Management Controller Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Integrated%20Management%20Controller%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to make the IMC IP interface inaccessible.<br /> <br /> The vulnerability is due to incomplete sanitization of input for certain parameters. An attacker could exploit this vulnerability by sending a crafted HTTP request to the IMC. A successful exploit could allow the attacker to cause the IMC to become inaccessible via the IP interface, resulting in a denial of service (DoS) condition.<br /> <br /> There are workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to make the IMC IP interface inaccessible.<br /> <br /> The vulnerability is due to incomplete sanitization of input for certain parameters. An attacker could exploit this vulnerability by sending a crafted HTTP request to the IMC. A successful exploit could allow the attacker to cause the IMC to become inaccessible via the IP interface, resulting in a denial of service (DoS) condition.<br /> <br /> There are workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2015-6399 Thu, 11 May 2017 19:46:46 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc Cisco AsyncOS Software for Cisco ESA Filtering Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20AsyncOS%20Software%20for%20Cisco%20ESA%20Filtering%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco AsyncOS Software for Cisco ESA Filtering Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.<br /> <br /> The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass user filters configured to prevent executable files from being opened. The malformed MIME headers may not be RFC compliant but some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco AsyncOS Software for Cisco ESA Filtering Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.<br /> <br /> The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass user filters configured to prevent executable files from being opened. The malformed MIME headers may not be RFC compliant but some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3827 Thu, 11 May 2017 19:32:25 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos Cisco WebEx Meetings Server Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170510-cwms?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20WebEx%20Meetings%20Server%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings.<br /> <br /> The vulnerability is due to an incomplete configuration of the <em>robots.txt</em> file on customer-hosted WebEx solutions and occurs when the Short URL functionality is not activated. All releases of Cisco WebEx Meetings Server later than release 2.5MR4 provide this functionality. <br /> <br /> An attacker could exploit this vulnerability via an exposed parameter to search for indexed meeting information. A successful exploit could allow the attacker to obtain scheduled meeting information and potentially allow the attacker to attend scheduled, customer meetings.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds are available to address this vulnerability. This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170510-cwms">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170510-cwms</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco WebEx Meetings Server Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings.<br /> <br /> The vulnerability is due to an incomplete configuration of the <em>robots.txt</em> file on customer-hosted WebEx solutions and occurs when the Short URL functionality is not activated. All releases of Cisco WebEx Meetings Server later than release 2.5MR4 provide this functionality. <br /> <br /> An attacker could exploit this vulnerability via an exposed parameter to search for indexed meeting information. A successful exploit could allow the attacker to obtain scheduled meeting information and potentially allow the attacker to attend scheduled, customer meetings.<br /> <br /> Cisco has released software updates that address this vulnerability. Workarounds are available to address this vulnerability. This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170510-cwms">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170510-cwms</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6651 Wed, 10 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170510-cwms Cisco IOS and IOS XE Software Simple Network Management Protocol Subsystem Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20Simple%20Network%20Management%20Protocol%20Subsystem%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Simple Network Management Protocol Subsystem Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Simple Network Management Protocol&nbsp;(SNMP) subsystem of Cisco&nbsp;IOS and IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to a race condition that could occur when the affected software processes an SNMP read request that contains certain criteria for a specific object ID (OID) and an active crypto session is disconnected on an affected device. An attacker who can authenticate to an affected device could trigger this vulnerability by issuing an SNMP request for a specific OID on the device. A successful exploit will cause the device to restart due to an attempt to access an invalid memory region. The attacker does not control how or when crypto sessions are disconnected on the device.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Simple Network Management Protocol Subsystem Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Simple Network Management Protocol&nbsp;(SNMP) subsystem of Cisco&nbsp;IOS and IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to a race condition that could occur when the affected software processes an SNMP read request that contains certain criteria for a specific object ID (OID) and an active crypto session is disconnected on an affected device. An attacker who can authenticate to an affected device could trigger this vulnerability by issuing an SNMP request for a specific OID on the device. A successful exploit will cause the device to restart due to an attempt to access an invalid memory region. The attacker does not control how or when crypto sessions are disconnected on the device.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6615 Tue, 09 May 2017 13:27:43 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20Cluster%20Management%20Protocol%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.<br /> <br /> The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors:<br /> <ul> <li> The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and</li> <li>The incorrect processing of malformed CMP-specific Telnet options. </li> </ul> An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.<br /> <br /> The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors:<br /> <ul> <li> The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and</li> <li>The incorrect processing of malformed CMP-specific Telnet options. </li> </ul> An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-3881 Mon, 08 May 2017 20:47:27 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Apache%20Struts2%20Jakarta%20Multipart%20Parser%20File%20Upload%20Code%20Execution%20Vulnerability%20Affecting%20Cisco%20Products&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products" border='0' height='0' width='0'></img><p>On March 6, 2017, Apache disclosed a vulnerability in the Jakarta Multipart parser used in Apache Struts2 that could allow an attacker to execute commands remotely on a targeted system by using a<em> </em>crafted <span class="more"><em>Content-Type</em>, <em>Content-Disposition</em>, or <em>Content-Length</em> value.<br /> </span></p> This vulnerability has been assigned CVE-ID CVE-2017-5638.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products" border='0' height='0' width='0'></img><p>On March 6, 2017, Apache disclosed a vulnerability in the Jakarta Multipart parser used in Apache Struts2 that could allow an attacker to execute commands remotely on a targeted system by using a<em> </em>crafted <span class="more"><em>Content-Type</em>, <em>Content-Disposition</em>, or <em>Content-Length</em> value.<br /> </span></p> This vulnerability has been assigned CVE-ID CVE-2017-5638.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-5638 Fri, 05 May 2017 17:02:20 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2 Cisco TelePresence ICMP Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ctp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20ICMP%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence ICMP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to incomplete input validation for the size of a received ICMP packet. An attacker could exploit this vulnerability by sending a crafted ICMP packet to the local IP address of the targeted endpoint. A successful exploit could allow the attacker to cause a DoS of the TelePresence endpoint, during which time calls could be dropped. This vulnerability would affect either IPv4 or IPv6 ICMP traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ctp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ctp</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco TelePresence ICMP Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to incomplete input validation for the size of a received ICMP packet. An attacker could exploit this vulnerability by sending a crafted ICMP packet to the local IP address of the targeted endpoint. A successful exploit could allow the attacker to cause a DoS of the TelePresence endpoint, during which time calls could be dropped. This vulnerability would affect either IPv4 or IPv6 ICMP traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ctp">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ctp</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3825 Thu, 04 May 2017 18:42:24 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ctp Cisco CVR100W Wireless-N VPN Router Universal Plug-and-Play Buffer Overflow Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20CVR100W%20Wireless-N%20VPN%20Router%20Universal%20Plug-and-Play%20Buffer%20Overflow%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco CVR100W Wireless-N VPN Router Universal Plug-and-Play Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2&ndash;adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with <em>root </em>privileges.<br /> <br /> The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with <em>root</em> privileges.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco CVR100W Wireless-N VPN Router Universal Plug-and-Play Buffer Overflow Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2&ndash;adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with <em>root </em>privileges.<br /> <br /> The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with <em>root</em> privileges.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1</a> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-3882 Thu, 04 May 2017 15:30:08 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1 Cisco IOS XR Software Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ios-xr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Event Management Service daemon (<em>emsd</em>) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.<br /> <br /> The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this vulnerability by repeatedly sending unauthenticated gRPC requests to the affected device. A successful exploit could allow the attacker to crash the device in such a manner that manual intervention is required to recover.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ios-xr">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ios-xr</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco IOS XR Software Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Event Management Service daemon (<em>emsd</em>) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.<br /> <br /> The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this vulnerability by repeatedly sending unauthenticated gRPC requests to the affected device. A successful exploit could allow the attacker to crash the device in such a manner that manual intervention is required to recover.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ios-xr">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ios-xr</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3876 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ios-xr Cisco Aironet 1800, 2800, and 3800 Series Access Points Plug-and-Play Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Aironet%201800,%202800,%20and%203800%20Series%20Access%20Points%20Plug-and-Play%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Aironet 1800, 2800, and 3800 Series Access Points Plug-and-Play Arbitrary Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with <em>root </em>privileges.<br /> <br /> The vulnerability is due to insufficient validation of PnP server responses. The PnP feature is only active while the device does not contain a configuration, such as a first time boot or after a factory reset has been issued. An attacker with the ability to respond to PnP configuration requests from the affected device can exploit the vulnerability by returning malicious PnP responses. If a Cisco Application Policy Infrastructure Controller - Enterprise Module (APIC-EM) is available on the network, the attacker would need to exploit the issue in the short window before a valid PnP response was received. If successful, the attacker could gain the ability to execute arbitrary code with <em>root </em>privileges on the underlying operating system of the device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Aironet 1800, 2800, and 3800 Series Access Points Plug-and-Play Arbitrary Code Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with <em>root </em>privileges.<br /> <br /> The vulnerability is due to insufficient validation of PnP server responses. The PnP feature is only active while the device does not contain a configuration, such as a first time boot or after a factory reset has been issued. An attacker with the ability to respond to PnP configuration requests from the affected device can exploit the vulnerability by returning malicious PnP responses. If a Cisco Application Policy Infrastructure Controller - Enterprise Module (APIC-EM) is available on the network, the attacker would need to exploit the issue in the short window before a valid PnP response was received. If successful, the attacker could gain the ability to execute arbitrary code with <em>root </em>privileges on the underlying operating system of the device.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link: <br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3873 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme Cisco Wide Area Application Services SMART-SSL Accelerator Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-waas?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Wide%20Area%20Application%20Services%20SMART-SSL%20Accelerator%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Wide Area Application Services SMART-SSL Accelerator Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts.<br /> <br /> The vulnerability is due to a Secure Sockets Layer/Transport Layer Security (SSL/TLS) alert being incorrectly handled when in a specific SSL/TLS connection state. An attacker could exploit this vulnerability by establishing a SMART-SSL connection through the targeted device. The attacker would then send a crafted stream of SSL/TLS traffic. An exploit could allow the attacker to cause a DoS condition where WAN optimization could stop processing traffic for a short period of time.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-waas">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-waas</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Wide Area Application Services SMART-SSL Accelerator Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts.<br /> <br /> The vulnerability is due to a Secure Sockets Layer/Transport Layer Security (SSL/TLS) alert being incorrectly handled when in a specific SSL/TLS connection state. An attacker could exploit this vulnerability by establishing a SMART-SSL connection through the targeted device. The attacker would then send a crafted stream of SSL/TLS traffic. An exploit could allow the attacker to cause a DoS condition where WAN optimization could stop processing traffic for a short period of time.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-waas">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-waas</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6628 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-waas Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Threat%20Defense%20and%20Cisco%20ASA%20with%20FirePOWER%20Module%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition.<br /> &nbsp;<br /> The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6625 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd Cisco Finesse for Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-finesse-ucce?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Finesse%20for%20Cisco%20Unified%20Contact%20Center%20Enterprise%20Information%20Disclosure%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Finesse for Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco&nbsp;Finesse Notification Service for Cisco&nbsp;Unified Contact Center Enterprise (UCCE) could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop.<br /> <br /> The vulnerability is due to the existence of a user account that has an undocumented, hard-coded password. An attacker could exploit this vulnerability by using the hard-coded credentials to subscribe to the Finesse Notification Service, which would allow the attacker to receive notifications when an agent signs in or out of the Finesse Desktop, when information about an agent changes, or when an agent's state changes.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-finesse-ucce">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-finesse-ucce</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Finesse for Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Cisco&nbsp;Finesse Notification Service for Cisco&nbsp;Unified Contact Center Enterprise (UCCE) could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop.<br /> <br /> The vulnerability is due to the existence of a user account that has an undocumented, hard-coded password. An attacker could exploit this vulnerability by using the hard-coded credentials to subscribe to the Finesse Notification Service, which would allow the attacker to receive notifications when an agent signs in or out of the Finesse Desktop, when information about an agent changes, or when an agent's state changes.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-finesse-ucce">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-finesse-ucce</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6626 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-finesse-ucce Cisco CVR100W Wireless-N VPN Router Remote Management Security Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20CVR100W%20Wireless-N%20VPN%20Router%20Remote%20Management%20Security%20Bypass%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco CVR100W Wireless-N VPN Router Remote Management Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the remote management access control list (ACL) feature of the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to bypass the remote management ACL.<br /> <br /> The vulnerability is due to incorrect implementation of the ACL decision made during the ingress connection request to the remote management interface. An attacker could exploit this vulnerability by sending a connection to the management IP address or domain name of the targeted device. A successful exploit could allow the attacker to bypass the configured remote management ACL. This can occur when the <em>Remote Management</em> configuration parameter is set to <em>Disabled</em>.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco CVR100W Wireless-N VPN Router Remote Management Security Bypass Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the remote management access control list (ACL) feature of the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to bypass the remote management ACL.<br /> <br /> The vulnerability is due to incorrect implementation of the ACL decision made during the ingress connection request to the remote management interface. An attacker could exploit this vulnerability by sending a connection to the management IP address or domain name of the targeted device. A successful exploit could allow the attacker to bypass the configured remote management ACL. This can occur when the <em>Remote Management</em> configuration parameter is set to <em>Disabled</em>.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6620 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2 Cisco Unity Connection ImageID Parameter Unauthorized Access Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cuc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unity%20Connection%20ImageID%20Parameter%20Unauthorized%20Access%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection ImageID Parameter Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the <em>ImageID</em> parameter of Cisco Unity Connection could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected device.<br /> <br /> The issue is due to improper sanitization of user-supplied input in HTTP POST parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cuc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cuc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unity Connection ImageID Parameter Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the <em>ImageID</em> parameter of Cisco Unity Connection could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected device.<br /> <br /> The issue is due to improper sanitization of user-supplied input in HTTP POST parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cuc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cuc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6629 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cuc Cisco CallManager Express Unauthorized Access Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20CallManager%20Express%20Unauthorized%20Access%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco CallManager Express Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;IOS Software for Cisco CallManager Express&nbsp;(CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls.<br /> <br /> The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affected software. An attacker could exploit this vulnerability to place unauthorized, long-distance phone calls by using an affected system.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme1</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco CallManager Express Unauthorized Access Vulnerability" border='0' height='0' width='0'></img>A vulnerability in Cisco&nbsp;IOS Software for Cisco CallManager Express&nbsp;(CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls.<br /> <br /> The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affected software. An attacker could exploit this vulnerability to place unauthorized, long-distance phone calls by using an affected system.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme1">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme1</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6624 Wed, 03 May 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cme1 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20January%20and%20February%202017&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017" border='0' height='0' width='0'></img>On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl">Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016</a>. OpenSSL classifies all the new vulnerabilities as &ldquo;Moderate Severity.&rdquo;<br /> <br /> The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL to crash when connecting to a malicious server. The third vulnerability affects only systems based on x86_64 architecture. A successful exploit of the third vulnerability could allow the attacker to access sensitive private key information.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package that is affected by one or more of these vulnerabilities. <br /> <br /> There are no Cisco products affected by the vulnerability identified by CVE ID CVE-2017-3730.<br /> <br /> On February 16, 2017, the OpenSSL Software Foundation released another security advisory that included one high severity vulnerability identified by CVE ID CVE-2017-3733. <br /> <br /> There are no Cisco products affected by this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017" border='0' height='0' width='0'></img>On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl">Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016</a>. OpenSSL classifies all the new vulnerabilities as &ldquo;Moderate Severity.&rdquo;<br /> <br /> The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL to crash when connecting to a malicious server. The third vulnerability affects only systems based on x86_64 architecture. A successful exploit of the third vulnerability could allow the attacker to access sensitive private key information.<br /> <br /> Multiple Cisco products incorporate a version of the OpenSSL package that is affected by one or more of these vulnerabilities. <br /> <br /> There are no Cisco products affected by the vulnerability identified by CVE ID CVE-2017-3730.<br /> <br /> On February 16, 2017, the OpenSSL Software Foundation released another security advisory that included one high severity vulnerability identified by CVE ID CVE-2017-3733. <br /> <br /> There are no Cisco products affected by this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3730,CVE-2017-3731,CVE-2017-3732,CVE-2017-3733 Thu, 27 Apr 2017 21:26:43 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 " border='0' height='0' width='0'></img>On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as &ldquo;Critical Severity,&rdquo; one as &ldquo;Moderate Severity,&rdquo; and the other 12 as &ldquo;Low Severity.&rdquo; <br /> <br /> Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. These vulnerabilities affect the OpenSSL versions that were released to address the vulnerabilities disclosed in the previous advisory. One of the new vulnerabilities was rated as &ldquo;High Severity&rdquo; and the other as &ldquo;Moderate Severity.&rdquo; <br /> <br /> Of the 16 released vulnerabilities:<br /> <ul> <li>Fourteen track issues that could result in a denial of service (DoS) condition</li> <li>One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality</li> <li>One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system</li> </ul> <br /> Five of the 16 vulnerabilities exclusively affect the recently released OpenSSL versions that are part of the 1.1.0 release series, which has not yet been integrated into any Cisco product.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 " border='0' height='0' width='0'></img>On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as &ldquo;Critical Severity,&rdquo; one as &ldquo;Moderate Severity,&rdquo; and the other 12 as &ldquo;Low Severity.&rdquo; <br /> <br /> Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. These vulnerabilities affect the OpenSSL versions that were released to address the vulnerabilities disclosed in the previous advisory. One of the new vulnerabilities was rated as &ldquo;High Severity&rdquo; and the other as &ldquo;Moderate Severity.&rdquo; <br /> <br /> Of the 16 released vulnerabilities:<br /> <ul> <li>Fourteen track issues that could result in a denial of service (DoS) condition</li> <li>One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality</li> <li>One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system</li> </ul> <br /> Five of the 16 vulnerabilities exclusively affect the recently released OpenSSL versions that are part of the 1.1.0 release series, which has not yet been integrated into any Cisco product.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6305,CVE-2016-6306,CVE-2016-6307,CVE-2016-6308,CVE-2016-6309,CVE-2016-7052 Mon, 24 Apr 2017 17:02:54 CDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl Cisco Unified Communications Manager Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Manager%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco&nbsp;Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> <br /> The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Unified Communications Manager Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco&nbsp;Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br /> <br /> The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3808 Fri, 21 Apr 2017 18:12:27 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm Cisco ASA Software DNS Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Software%20DNS%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software DNS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the DNS code of Cisco&nbsp;ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache.<br /> <br /> The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by triggering a DNS request from the Cisco&nbsp;ASA Software and replying with a crafted response. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected device can be used to exploit this vulnerability. This vulnerability affects Cisco&nbsp;ASA Software configured in routed or transparent firewall mode and single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software DNS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the DNS code of Cisco&nbsp;ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache.<br /> <br /> The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by triggering a DNS request from the Cisco&nbsp;ASA Software and replying with a crafted response. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected device can be used to exploit this vulnerability. This vulnerability affects Cisco&nbsp;ASA Software configured in routed or transparent firewall mode and single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6607 Wed, 19 Apr 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns Cisco Integrated Management Controller Command Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Integrated%20Management%20Controller%20Command%20Execution%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller Command Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of Cisco&nbsp;Integrated Management Controller (IMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently sanitize user-supplied HTTP input. An attacker could exploit this vulnerability by sending an HTTP POST request that contains crafted, deserialized user data to the affected software. A successful exploit could allow the attacker to execute arbitrary commands with <em>root</em>-level privileges on the affected system, which the attacker could use to conduct further attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco Integrated Management Controller Command Execution Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the web-based GUI of Cisco&nbsp;Integrated Management Controller (IMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system.<br /> <br /> The vulnerability exists because the affected software does not sufficiently sanitize user-supplied HTTP input. An attacker could exploit this vulnerability by sending an HTTP POST request that contains crafted, deserialized user data to the affected software. A successful exploit could allow the attacker to execute arbitrary commands with <em>root</em>-level privileges on the affected system, which the attacker could use to conduct further attacks.<br /> <br /> There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-6619 Wed, 19 Apr 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc Cisco ASA Software Internet Key Exchange Version 1 XAUTH Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Software%20Internet%20Key%20Exchange%20Version%201%20XAUTH%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software Internet Key Exchange Version 1 XAUTH Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco&nbsp;ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system.<br /> <br /> The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software Internet Key Exchange Version 1 XAUTH Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco&nbsp;ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system.<br /> <br /> The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6610 Wed, 19 Apr 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth Cisco ASA Software SSL/TLS Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Software%20SSL/TLS%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software SSL/TLS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco&nbsp;ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system.<br /> <br /> The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could exploit this vulnerability by sending a crafted packet to the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is needed to exploit this vulnerability.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software SSL/TLS Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco&nbsp;ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system.<br /> <br /> The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could exploit this vulnerability by sending a crafted packet to the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is needed to exploit this vulnerability.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6608 Wed, 19 Apr 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls Cisco ASA Software and Cisco FTD Software TCP Normalizer Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Software%20and%20Cisco%20FTD%20Software%20TCP%20Normalizer%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software and Cisco FTD Software TCP Normalizer Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software and Cisco FTD Software TCP Normalizer Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition.<br /> <br /> There are no workarounds that address this vulnerability. <br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3793 Wed, 19 Apr 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm Cisco ASA Software IPsec Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASA%20Software%20IPsec%20Denial%20of%20Service%20Vulnerability&vs_k=1 <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software IPsec Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IPsec code of Cisco&nbsp;ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system.<br /> <br /> The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec</a> <img src="https://www.cisco.com/swa/j/zag2_vs_log1.asc?Log=1&vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_k=1&vs_p=Cisco ASA Software IPsec Denial of Service Vulnerability" border='0' height='0' width='0'></img>A vulnerability in the IPsec code of Cisco&nbsp;ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system.<br /> <br /> The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system.<br /> <br /> <strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability.<br /> <br /> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6609 Wed, 19 Apr 2017 16:00:00 CDT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec