Lucene search
K

7 matches found

Prion
Prion
added 2017/11/30 9:29 a.m.13 views

Design/Logic Flaw

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.9CVSS4.7AI score0.00325EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2017/11/30 9:29 a.m.18 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

4.6CVSS7AI score0.00935EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/11/30 9:29 a.m.25 views

CVE-2017-12341

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...

7.2CVSS6.9AI score0.0068EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.30 views

CVE-2017-12338

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...

5.9AI score0.00377EPSS
Exploits0References2
CVE
CVE
added 2017/11/30 9:0 a.m.72 views

CVE-2017-12332

CVE-2017-12332 affects Cisco NX-OS System Software on multiple Cisco Nexus series switches and UCS Manager. The issue stems from insufficient restrictions in the patch installation process, allowing an authenticated, local attacker with valid administrator credentials to install a crafted patch i...

4.9CVSS4.6AI score0.00325EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.36 views

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

6.9AI score0.00935EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.26 views

CVE-2017-12336

A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient input validati...

5AI score0.00427EPSS
Exploits0References3
Rows per page
Query Builder