Cisco Security Advisories · November 2017
69 advisories · 85 CVEs · 1 exploited

PSIRT bulletins (cisco-sa-*) and cross-source CVEs naming Cisco for 2017-11. Mirrored into Vulnetix VDB.

Every advisory below is enriched with Vulnetix VDB exploit intelligence (CVSS, EPSS, KEV status, and PoC maturity). One is already weaponised in the wild; see the Exploited section.

Advisories

cisco-sa-20171129-apic

Cisco PSIRT · 2017-11-29

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation Vulnerability

CVEs: CVE-2017-12352

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-202553 affected Cisco
Upstream advisory

cisco-sa-20171129-fxnx

Cisco PSIRT · 2017-11-29

Cisco FXOS and NX-OS System Software CLI Command Injection Vulnerability

CVEs: CVE-2017-12329

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-225888 affected Cisco
CVRFPID-80720 affected Cisco
Upstream advisory

cisco-sa-20171129-jabber

Cisco PSIRT · 2017-11-29

Cisco Jabber Clients Cross-Site Scripting Vulnerability

CVEs: CVE-2017-12356

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-192127 affected Cisco
CVRFPID-210554 affected Cisco
CVRFPID-210568 affected Cisco
Upstream advisory

cisco-sa-20171129-jabber1

Cisco PSIRT · 2017-11-29

Cisco Jabber Clients Cross-Site Scripting Vulnerability

CVEs: CVE-2017-12358

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-190570 affected Cisco
CVRFPID-192127 affected Cisco
CVRFPID-210554 affected Cisco
CVRFPID-210568 affected Cisco
Upstream advisory

cisco-sa-20171129-switch

Cisco PSIRT · 2017-11-29

Cisco Multilayer Director, Nexus 7000 Series, and Nexus 7700 Series Switches Bash Shell Unauthorized Access Vulnerability

CVEs: CVE-2017-12340

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-80720 affected Cisco
Upstream advisory

cisco-sa-20171129-webex

Cisco PSIRT · 2017-11-29

Cisco WebEx Network Recording Player Buffer Overflow Vulnerability

CVEs: CVE-2017-12359

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-100455 affected Cisco
CVRFPID-190702 affected Cisco
CVRFPID-228295 affected Cisco
CVRFPID-97151 affected Cisco
Upstream advisory

cisco-sa-20171129-webex1

Cisco PSIRT · 2017-11-29

Cisco WebEx Network Recording Player Denial of Service Vulnerability

CVEs: CVE-2017-12360

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-228295 affected Cisco
CVRFPID-96064 affected Cisco
Upstream advisory

cisco-sa-20171115-esa

Cisco PSIRT · 2017-11-15

Cisco Email Security Appliance and Content Security Management Appliance HTTP Response Splitting Vulnerability

CVEs: CVE-2017-12309

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-189790 affected Cisco
CVRFPID-189791 affected Cisco
Upstream advisory

cisco-sa-20171115-ios

Cisco PSIRT · 2017-11-15

Cisco IOS and IOS XE Software IOS daemon Cross-Site Scripting Vulnerability

CVEs: CVE-2017-12304

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-2097 affected Cisco
CVRFPID-93036 affected Cisco
Upstream advisory

cisco-sa-20171115-vos

Cisco PSIRT · 2017-11-15

Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

CVEs: CVE-2017-12337

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-188690 affected Cisco
CVRFPID-189784 affected Cisco
CVRFPID-193469 affected Cisco
CVRFPID-194456 affected Cisco
CVRFPID-194833 affected Cisco
CVRFPID-198393 affected Cisco
CVRFPID-203607 affected Cisco
CVRFPID-4844 affected Cisco
CVRFPID-73608 affected Cisco
CVRFPID-88444 affected Cisco
CVRFPID-92631 affected Cisco
Upstream advisory

cisco-sa-20171103-bgp

Cisco PSIRT · Exploited · HIGH · 2017-11-03

Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial of Service Vulnerability

CVEs: CVE-2017-12319

Affected products

Product Status Vendor Package Ecosystem
Upstream advisory

cisco-sa-20171101-aironet2

Cisco PSIRT · 2017-11-01

Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms Extensible Authentication Protocol Denial of Service Vulnerability

CVEs: CVE-2017-12274

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-190024 affected Cisco
Upstream advisory

cisco-sa-20171101-aironet4

Cisco PSIRT · 2017-11-01

Cisco Aironet 3800 Series Access Points Protected Management Frames User Denial of Service Vulnerability

CVEs: CVE-2017-12283

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-190024 affected Cisco
Upstream advisory

cisco-sa-20171101-apicem

Cisco PSIRT · 2017-11-01

Cisco Application Policy Infrastructure Controller Enterprise Module Unauthorized Access Vulnerability

CVEs: CVE-2017-12262

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-209735 affected Cisco
Upstream advisory

cisco-sa-20171101-arce

Cisco PSIRT · 2017-11-01

Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance Command Injection Vulnerability

CVEs: CVE-2017-12243

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-112776 affected Cisco
CVRFPID-225888 affected Cisco
Upstream advisory

cisco-sa-20171101-fpwr

Cisco PSIRT · 2017-11-01

Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Smart Licensing Command Injection Vulnerability

CVEs: CVE-2017-12277

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-225888 affected Cisco
Upstream advisory

cisco-sa-20171101-wlc1

Cisco PSIRT · 2017-11-01

Cisco Wireless LAN Controller Simple Network Management Protocol Memory Leak Denial of Service Vulnerability

CVEs: CVE-2017-12278

Affected products

Product Status Vendor Package Ecosystem
Upstream advisory

cisco-sa-20171101-wlc2

Cisco PSIRT · 2017-11-01

Cisco Wireless LAN Controller 802.11v Basic Service Set Transition Management Denial of Service Vulnerability

CVEs: CVE-2017-12275

Affected products

Product Status Vendor Package Ecosystem
Upstream advisory

cisco-sa-20171101-wlc4

Cisco PSIRT · 2017-11-01

Cisco Wireless LAN Controller Access Network Query Protocol Denial of Service Vulnerability

CVEs: CVE-2017-12282

Affected products

Product Status Vendor Package Ecosystem
CVRFPID-7368 affected Cisco
Upstream advisory
