• Cisco AMP for Endpoints Mac Connector Software Denial of Service Vulnerability

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition.

Read more: Cisco Advisory

  • Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

Read more: Cisco Advisory

  • Cisco Small Business 300 Series Managed Switches Persistent Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Managed Switches could allow an authenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

Read more: Cisco Advisory

  • Cisco Small Business 300 Series Managed Switches Authenticated Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Managed Switches could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

Read more: Cisco Advisory

  • Cisco Unified Communications Manager Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

Read more: Cisco Advisory

  • Cisco Web Security Appliance Reflected and Document Object Model-Based Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected or Document Object Model–based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

Read more: Cisco Advisory

  • Cisco Prime Collaboration Provisioning Unauthorized Password Change Denial of Service Vulnerability

A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable.

The vulnerability is due to insufficient validation of a password change request. An attacker could exploit this vulnerability by changing a specific administrator account password. A successful exploit could allow the attacker to cause the affected device to become inoperable, resulting in a denial of service (DoS) condition.

Read more: Cisco Advisory

 

OUR SECURITY SERVICES INCLUDE:

FNS1 THREATcheck

 Register for your FREE Threat Check today: https://fns1.com/threatcheck/
Advertisements