Lucene search
K

327 matches found

ATTACKERKB
ATTACKERKB
added 2023/03/08 4:0 p.m.10 views

CVE-2023-20064

A vulnerability in the GRand Unified Bootloader GRUB for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary comman...

4.6CVSS5.9AI score0.00258EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/03/08 4:0 p.m.2 views

CVE-2023-20049

A vulnerability in the bidirectional forwarding detection BFD hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote...

8.6CVSS6AI score0.01046EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.6 views

The vulnerability in the implementation of the Common Industrial Protocol (CIP) for Cisco IOS and Cisco IOS XE operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the implementation of the Common Industrial Protocol CIP in Cisco IOS and Cisco IOS XE operating systems is related to insufficient validation of input data during the processing of CIP packets. Exploiting this vulnerability can allow a malicious actor to cause service...

8.6CVSS7.2AI score0.01014EPSS
Exploits0References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2023/02/22 4:0 p.m.2 views

CVE-2023-20050

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...

7.8CVSS6.1AI score0.00251EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.7 views

The vulnerability in the implementation of the incoming packet processing function on Cisco IOS XR operating systems of the microprogramming-based switching software for Cisco Catalyst 3650, Cisco Catalyst 3850, and Cisco Catalyst 9300 devices arises from errors in processing parameter values related to the length of incoming data. This vulnerability allows an attacker to cause service interruptions.

The vulnerability of the incoming packet processing function in Cisco IOS XR operating systems of Cisco Catalyst 3650, Cisco Catalyst 3850, and Cisco Catalyst 9300 switches is related to errors in processing input data length parameters. Exploiting this vulnerability can allow an attacker to caus...

8.6CVSS7.5AI score0.00841EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.9 views

The vulnerability in the implementation of the SSH network protocol for Cisco IOS and Cisco IOS XE operating systems allows a hacker to cause a service failure.

The vulnerability of the SSH network protocol implementation in Cisco IOS and Cisco IOS XE operating systems is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.7CVSS7.1AI score0.00801EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/09/28 4:0 p.m.5 views

CVE-2022-20915

A vulnerability in the implementation of IPv6 VPN over MPLS 6VPE with Zone-Based Firewall ZBFW of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling of an IP...

7.4CVSS7.1AI score0.0028EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.11 views

Cisco IOS和Cisco IOS XE Software 安全漏洞

Cisco IOS and Cisco IOS XE Software are both products of Cisco, a U.S. company. cisco IOS is a set of operating systems developed for its network devices. cisco IOS XE Software is an operating system for enterprise wired and wireless access, aggregation, core, and WAN in a single operating system...

7.7CVSS6.7AI score0.00801EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/08/02 12:0 a.m.10 views

The vulnerability of DHCP option 82 for Cisco IOS and Cisco IOS XE operating systems allows a attacker to trigger a device reboot or cause a service failure.

The vulnerability of DHCP option 82 for Cisco IOS and Cisco IOS XE operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure using a specially crafted DHCPv4 packet...

8.6CVSS7.6AI score0.07758EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.5 views

The vulnerability of Cisco IOS operating system loaders, related to security mechanism deficiencies, allows attackers to trigger service failures.

The vulnerability of Cisco IOS operating system loaders is related to security mechanisms that are flawed. Exploiting this vulnerability can allow attackers to cause service failures...

4.9CVSS5.7AI score0.00216EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/07/01 12:0 a.m.9 views

The vulnerability of the Border Gateway Protocol (BGP) implementation in the Ethernet VPN (EVPN) technology of the Cisco IOS XR operating system allows a attacker to cause a service failure.

The vulnerability of the Border Gateway Protocol BGP implementation of the Ethernet VPN EVPN technology in the Cisco IOS XR operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8CVSS6.1AI score0.05347EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/01 12:0 a.m.6 views

The vulnerability of the Internet Key Exchange version 2 (IKEv2) function in Cisco IOS operating systems allows a hacker to induce a service failure.

The vulnerability of the Internet Key Exchange version 2 IKEv2 module in Cisco IOS operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

8.6CVSS7.5AI score0.07331EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/10 12:0 a.m.7 views

The vulnerability affects the implementation of the Control Point Access Point Wireless Provisioning Protocol (CAPWAP) on Cisco IOS XE operating systems, as well as Control Points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers. This allows a malicious actor to cause service interruptions.

The vulnerability of the CAPWAP protocol implementation in Cisco IOS XE operating systems, as well as in Catalyst access points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers, is related to an unvalidated return value that causes the zero pointer to be swapped...

8.6CVSS6.5AI score0.01293EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/23 12:0 a.m.7 views

The vulnerability in the packet management subsystem of the Remote Package Manager (RPM) of the Cisco IOS XR network operating system for Cisco 8000 series routers allows a attacker to access the Redis database running on the NOSi container.

The vulnerability of the package management subsystem of the Remote Package Manager RPM in Cisco IOS XR network operating systems for Cisco 8000 series routers is related to the exposure of protected information. Exploiting this vulnerability could allow an attacker to gain access to the Redis...

6.5CVSS5.5AI score0.1176EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.7 views

The vulnerability of the TCL-script interpreter (Tool Command Language) of the Cisco IOS XE operating system, which allows attackers to escalate their privileges.

The vulnerability of the TCL-script interpreter of the Cisco IOS XE operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

5.2CVSS6.2AI score0.00272EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/04/13 12:0 a.m.3 views

Cisco IOS XE 路径遍历漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE. An attacker exploited the...

9CVSS7.2AI score0.01987EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/04/13 12:0 a.m.5 views

Cisco IOS XE Software 操作系统命令注入漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. An operating system command injection vulnerability exists in Cisco IOS XE. Multiple...

9CVSS7.2AI score0.02325EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2022/03/03 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-12238

A vulnerability in the Virtual Private LAN Service VPLS code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service...

6.5CVSS6.6AI score0.02034EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2022/03/03 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...

7.8CVSS7.1AI score0.07128EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2022/03/03 12:0 a.m.11 views

VulnCheck KEV: CVE-2017-12233

There is a vulnerability in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...

7.8CVSS7.1AI score0.07128EPSS
Exploits0References1
Rows per page
Query Builder