cisco-sa-20160531-wsa-esa
Cisco PSIRT2016-05-31
Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability
CVEs:CVE-2016-1405
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 1 is already weaponised in the wild — see the Exploited section.
Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability
CVEs:CVE-2016-1405
Cisco Firepower Management Center Web Interface Code Injection Vulnerability
CVEs:CVE-2016-1413
Cisco WebEx Meeting Center Improved Logging Capabilities
CVEs:CVE-2016-1410
Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
CVEs:CVE-2016-1409
Cisco UCS Invicta Software Default GPG Key Vulnerability
CVEs:CVE-2016-1404
Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability
CVEs:CVE-2016-1406
Cisco IOS XR Software LPTS Denial of Service Vulnerability
CVEs:CVE-2016-1407
Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability
CVEs:CVE-2016-1380
Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
CVEs:CVE-2016-1381
Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
CVEs:CVE-2016-1382
Cisco Web Security Appliance Connection Denial of Service Vulnerability
CVEs:CVE-2016-1383
Cisco Unified Computing System Central Cross-Site Scripting Vulnerability
CVEs:CVE-2016-1401
Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability
CVEs:CVE-2016-1379
Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability
CVEs:CVE-2016-1385
Cisco Identity Services Engine Active Directory Integration Component Remote Denial of Service Vulnerability
CVEs:CVE-2016-1402
Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability
CVEs:CVE-2016-1400
Cisco Industrial Ethernet 4000 and Ethernet 5000 Series Switches ICMP IPv4 Packet Corruption Vulnerability
CVEs:CVE-2016-1399
Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability
CVEs:CVE-2016-1393
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
CVEs:CVE-2016-2106CVE-2016-2176CVE-2016-2105CVE-2016-2109CVE-2016-2107CVE-2016-2108
Cisco Finesse HTTP Request Processing Server-Side Request Forgery Vulnerability
CVEs:CVE-2016-1373
Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability
CVEs:CVE-2016-1368
Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability
CVEs:CVE-2016-1369
Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability
CVEs:CVE-2016-1387
Cisco Prime Collaboration Assurance Open Redirect Vulnerability
CVEs:CVE-2016-1392
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.