Lucene search
K

327 matches found

CNNVD
CNNVD
added 2024/07/01 12:0 a.m.5 views

Cisco NX-OS Software 操作系统命令注入漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A command injection vulnerability exists in Cisco NX-OS Software, which arises from insufficient validation of parameters passed to specific configuration CLI commands, and...

6.7CVSS7.8AI score0.04271EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2024/07/01 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-20399

Cisco NX-OS contains a command injection vulnerability in the command line interface CLI that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device...

6.7CVSS7.4AI score0.04271EPSS
Exploits1References1
OSV
OSV
added 2024/03/27 6:15 p.m.6 views

CVE-2024-20308

A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properl...

7.5CVSS5.8AI score0.00803EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.8 views

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a flaw in the...

8.6CVSS6.5AI score0.00816EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.5 views

多款Cisco产品安全漏洞

Cisco IOS and Cisco IOS XE Software are both products of Cisco, Inc.Cisco IOS is a set of operating systems developed for its network devices.Cisco IOS XE Software is an operating system. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE...

7.5CVSS6.9AI score0.00726EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

Cisco IOS 和 IOS XE Software 代码问题漏洞

Cisco IOS and Cisco IOS XE Software are both products of Cisco, Inc.Cisco IOS is a set of operating systems developed for its network devices.Cisco IOS XE Software is an operating system. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE...

7.4CVSS6.3AI score0.00258EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/03/25 12:0 a.m.5 views

The vulnerability of the Simple Network Management Plane (SNMP) server of the Cisco IOS operating system, which allows a hacker to bypass security restrictions

The vulnerability of the Simple Network Management Plane SNMP on the Cisco IOS operating system is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

4.3CVSS5.5AI score0.0025EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/05 12:0 a.m.5 views

The vulnerability of the MPLS traffic processor of the Cisco NX-OS operating system allows a attacker to trigger a service failure.

The vulnerability of the MPLS traffic processor of the Cisco NX-OS operating system is related to copying data into a buffer without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

8.6CVSS7.8AI score0.00926EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.4 views

Cisco NX-OS Software Security Vulnerability

Cisco NX-OS Software is a set of data center-grade operating system software used by Cisco switches in the United States. A security vulnerability exists in Cisco NX-OS Software. An attacker could exploit this vulnerability to cause a denial of service...

8.6CVSS6.6AI score0.00709EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/09 12:0 a.m.7 views

The vulnerability of the Authentication, Authorization, and Accounting (AAA) function, as well as the SCP function of Cisco IOS and Cisco IOS XE operating systems, allows attackers to circumvent security restrictions and obtain or modify the configuration of vulnerable devices.

The vulnerability of the Authentication, Authorization, and Accounting AAA function and the SCP function of Cisco IOS and Cisco IOS XE operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions and obta...

8CVSS7.7AI score0.00586EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.9 views

The vulnerability in the function for protecting group IP traffic in the GET VPN implementation, based on the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols, allows a attacker to execute arbitrary code, cause service failures, or gain full control over the application.

The vulnerability in the function for protecting group IP traffic in the GET VPN implementation of the Group Domain of Interpretation GDOI and G-IKEv2 protocols on Cisco IOS and IOS XE operating systems stems from the operation of operations beyond the buffer in memory when processing protocol...

7.1CVSS7.5AI score0.02344EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/10/05 12:0 a.m.7 views

The vulnerability of the Layer 2 Tunneling Protocol (L2TP) implementation in the Cisco IOS XE operating system allows a hacker to induce a service failure.

The vulnerability of the Layer 2 Tunneling Protocol L2TP implementation in the Cisco IOS XE operating system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

8.6CVSS7.1AI score0.00653EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/05 12:0 a.m.6 views

The vulnerability of the Multicast Leaf Recycle Elimination (mLRE) function in the Cisco IOS XE operating system for Cisco ASR Series 1000 routers allows a attacker to trigger a service failure.

The vulnerability of the Multicast Leaf Recycle Elimination mLRE function in the Cisco IOS XE router operating system from the Cisco ASR series 1000 is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to trigger a service failure...

8.6CVSS7.2AI score0.00652EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/04 12:0 a.m.6 views

The vulnerability in the web interface of the Cisco IOS XE operating system allows a hacker to execute arbitrary commands.

The vulnerability of the Cisco IOS XE operating system’s web interface is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

9CVSS6.7AI score0.0074EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.4 views

Cisco IOS XE Software Input Validation Error Vulnerability

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a flaw in th...

8.8CVSS7.1AI score0.0074EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.6 views

Cisco IOS XE Software Security Vulnerability

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a flaw in th...

8.6CVSS6.7AI score0.00653EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.5 views

Cisco IOS Security Vulnerabilities

Cisco IOS is an operating system developed by Cisco for its network devices. A security vulnerability exists in the Cisco IOS software and Cisco IOS XE, which stems from a vulnerability in the authentication, authorization, and billing AAA functionality that could allow an authenticated, remote...

9.1CVSS6.9AI score0.00586EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/09/14 12:0 a.m.6 views

The vulnerability of the command-line interface of the Cisco operating system FX-OS in Cisco Firepower 1000, Firepower 2100, Firepower 4100, and Firepower 9300 Security Appliances allows a attacker to create or overwrite any file in the file system.

The vulnerability of the command-line interface of the Cisco operating system, Cisco FX-OS, in Cisco Firepower 1000, Firepower 2100, Firepower 4100, and Firepower 9300 Security Appliances, as well as the Secure Firewall 3100 Series, is related to the improper assignment of permissions for a...

4.6CVSS6.2AI score0.0017EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/04/13 12:0 a.m.11 views

The vulnerability of the CAPWAP control protocol implementation in the Cisco IOS XE operating system allows a attacker to trigger a service failure.

The vulnerability of the CAPWAP control protocol implementation in the Cisco IOS XE operating system is related to the use of resources with similar identifiers. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.8CVSS6.7AI score0.00775EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/03/22 4:0 p.m.4 views

CVE-2023-20029

A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attack...

7.8CVSS5.9AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder