cisco-sa-20161026-esa1
Cisco PSIRT2016-10-26
Cisco Email Security Appliance Malformed DGN File Attachment Denial of Service Vulnerability
CVEs:CVE-2016-1481
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 1 is already weaponised in the wild — see the Exploited section.
Cisco Email Security Appliance Malformed DGN File Attachment Denial of Service Vulnerability
CVEs:CVE-2016-1481
Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability
CVEs:CVE-2016-1486
Cisco Email Security Appliance Corrupted Attachment Fields Denial of Service Vulnerability
CVEs:CVE-2016-6356
Cisco Email Security Appliance Quarantine Email Rendering Vulnerability
CVEs:CVE-2016-1423
Cisco Email Security Appliance Drop Bypass Vulnerability
CVEs:CVE-2016-6357
Cisco Email Security Appliance FTP Denial of Service Vulnerability
CVEs:CVE-2016-6358
Cisco Email and Web Security Appliance Malformed MIME Header Vulnerability
CVEs:CVE-2016-1480
Cisco Email and Web Security Appliance MIME Header Bypass Vulnerability
CVEs:CVE-2016-6372
Cisco Email and Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability
CVEs:CVE-2016-6360
Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability
CVEs:CVE-2016-6454
Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability
CVEs:CVE-2016-6397
Cisco IP Interoperability and Collaboration System Cross-Site Scripting Vulnerability
CVEs:CVE-2016-6429
Cisco IP Interoperability and Collaboration System Command-Line Interface Privilege Escalation Vulnerability
CVEs:CVE-2016-6430
Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability
CVEs:CVE-2016-6451
Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
CVEs:CVE-2016-5195
Cisco Identity Services Engine SQL Injection Vulnerability
CVEs:CVE-2016-6453
Cisco ASA Software Local Certificate Authority Denial of Service Vulnerability
CVEs:CVE-2016-6431
Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability
CVEs:CVE-2016-6432
Cisco Meeting Server Cross-Site Request Forgery Vulnerability
CVEs:CVE-2016-6444
Cisco Meeting Server Information Disclosure Vulnerability
CVEs:CVE-2016-6446
Cisco Firepower Detection Engine HTTP Denial of Service Vulnerability
CVEs:CVE-2016-6439
Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability
CVEs:CVE-2016-6438
Cisco Finesse Cross-Site Request Forgery Vulnerability
CVEs:CVE-2016-6442
Cisco Meeting Server Client Authentication Bypass Vulnerability
CVEs:CVE-2016-6445
Cisco Prime Infrastructure and Evolved Programmable Network Manager Database Interface SQL Injection Vulnerability
CVEs:CVE-2016-6443
Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability
CVEs:CVE-2016-6440
Cisco Wide Area Application Services Central Manager Denial of Service Vulnerability
CVEs:CVE-2016-6437
Cisco ASA Software DHCP Relay Denial of Service Vulnerability
CVEs:CVE-2016-6424
Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability
CVEs:CVE-2016-1454
Cisco IOS Software for Cisco Catalyst 6500 Series Switches and 7600 Series Routers ACL Bypass Vulnerability
CVEs:CVE-2016-6422
Cisco Host Scan Package Cross-Site Scripting Vulnerability
CVEs:CVE-2016-6436
Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability
CVEs:CVE-2015-6392
Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
CVEs:CVE-2015-6393
Cisco Firepower Threat Management Console Remote Command Execution Vulnerability
CVEs:CVE-2016-6433
Cisco Firepower Management Center Console Authentication Bypass Vulnerability
CVEs:CVE-2016-6434
Cisco Firepower Management Center Console Local File Inclusion Vulnerability
CVEs:CVE-2016-6435
Cisco IOS and IOS XE IKEv2 Denial of Service Vulnerability
CVEs:CVE-2016-6423
Cisco IOS XR Software Command-Line Interface Privilege Escalation Vulnerability
CVEs:CVE-2016-6428
Cisco Nexus 9000 Information Disclosure Vulnerability
CVEs:CVE-2016-1455
Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
CVEs:CVE-2015-0721
Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability
CVEs:CVE-2016-1453
Cisco Unified Intelligence Center (CUIC) Software Cross-Site Scripting Vulnerability
CVEs:CVE-2016-6425
Cisco Unified Intelligence Center (CUIC) Software Unauthenticated User Account Creation Vulnerability
CVEs:CVE-2016-6426
Cisco Unified Intelligence Center (CUIC) Software Cross-Site Request Forgery Vulnerability
CVEs:CVE-2016-6427
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.