327 matches found
CVE-2023-20064
A vulnerability in the GRand Unified Bootloader GRUB for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary comman...
CVE-2023-20049
A vulnerability in the bidirectional forwarding detection BFD hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote...
The vulnerability in the implementation of the Common Industrial Protocol (CIP) for Cisco IOS and Cisco IOS XE operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the implementation of the Common Industrial Protocol CIP in Cisco IOS and Cisco IOS XE operating systems is related to insufficient validation of input data during the processing of CIP packets. Exploiting this vulnerability can allow a malicious actor to cause service...
CVE-2023-20050
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...
The vulnerability in the implementation of the incoming packet processing function on Cisco IOS XR operating systems of the microprogramming-based switching software for Cisco Catalyst 3650, Cisco Catalyst 3850, and Cisco Catalyst 9300 devices arises from errors in processing parameter values related to the length of incoming data. This vulnerability allows an attacker to cause service interruptions.
The vulnerability of the incoming packet processing function in Cisco IOS XR operating systems of Cisco Catalyst 3650, Cisco Catalyst 3850, and Cisco Catalyst 9300 switches is related to errors in processing input data length parameters. Exploiting this vulnerability can allow an attacker to caus...
The vulnerability in the implementation of the SSH network protocol for Cisco IOS and Cisco IOS XE operating systems allows a hacker to cause a service failure.
The vulnerability of the SSH network protocol implementation in Cisco IOS and Cisco IOS XE operating systems is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
CVE-2022-20915
A vulnerability in the implementation of IPv6 VPN over MPLS 6VPE with Zone-Based Firewall ZBFW of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling of an IP...
Cisco IOS和Cisco IOS XE Software 安全漏洞
Cisco IOS and Cisco IOS XE Software are both products of Cisco, a U.S. company. cisco IOS is a set of operating systems developed for its network devices. cisco IOS XE Software is an operating system for enterprise wired and wireless access, aggregation, core, and WAN in a single operating system...
The vulnerability of DHCP option 82 for Cisco IOS and Cisco IOS XE operating systems allows a attacker to trigger a device reboot or cause a service failure.
The vulnerability of DHCP option 82 for Cisco IOS and Cisco IOS XE operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure using a specially crafted DHCPv4 packet...
The vulnerability of Cisco IOS operating system loaders, related to security mechanism deficiencies, allows attackers to trigger service failures.
The vulnerability of Cisco IOS operating system loaders is related to security mechanisms that are flawed. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of the Border Gateway Protocol (BGP) implementation in the Ethernet VPN (EVPN) technology of the Cisco IOS XR operating system allows a attacker to cause a service failure.
The vulnerability of the Border Gateway Protocol BGP implementation of the Ethernet VPN EVPN technology in the Cisco IOS XR operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Internet Key Exchange version 2 (IKEv2) function in Cisco IOS operating systems allows a hacker to induce a service failure.
The vulnerability of the Internet Key Exchange version 2 IKEv2 module in Cisco IOS operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability affects the implementation of the Control Point Access Point Wireless Provisioning Protocol (CAPWAP) on Cisco IOS XE operating systems, as well as Control Points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers. This allows a malicious actor to cause service interruptions.
The vulnerability of the CAPWAP protocol implementation in Cisco IOS XE operating systems, as well as in Catalyst access points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers, is related to an unvalidated return value that causes the zero pointer to be swapped...
The vulnerability in the packet management subsystem of the Remote Package Manager (RPM) of the Cisco IOS XR network operating system for Cisco 8000 series routers allows a attacker to access the Redis database running on the NOSi container.
The vulnerability of the package management subsystem of the Remote Package Manager RPM in Cisco IOS XR network operating systems for Cisco 8000 series routers is related to the exposure of protected information. Exploiting this vulnerability could allow an attacker to gain access to the Redis...
The vulnerability of the TCL-script interpreter (Tool Command Language) of the Cisco IOS XE operating system, which allows attackers to escalate their privileges.
The vulnerability of the TCL-script interpreter of the Cisco IOS XE operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
Cisco IOS XE 路径遍历漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE. An attacker exploited the...
Cisco IOS XE Software 操作系统命令注入漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. An operating system command injection vulnerability exists in Cisco IOS XE. Multiple...
VulnCheck KEV: CVE-2017-12238
A vulnerability in the Virtual Private LAN Service VPLS code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service...
VulnCheck KEV: CVE-2017-12235
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...
VulnCheck KEV: CVE-2017-12233
There is a vulnerability in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...