PT-2024-6114

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software affected versions not specified Description A vulnerability in the Python interpreter could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying...

Cisco IOS XR Security Vulnerability

Cisco IOS XR is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in the Cisco IOS XR Software that stems from a security flaw in the Access Control Lists ACLs on MPLS interfaces that allows an unauthenticated attacker to bypass...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software IPv6 VPN. An attacker...

Cisco IOS XE SD-WAN Software 资源管理错误漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An elevation of privilege vulnerability exists in the CLI management for SD-WAN in Cisco IOS XE. The vulnerability stems from a problem with the way the software handles concurren...

Cisco IOS XE HTTP Server Denial of Service Vulnerability

Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the HTTP server code of Cisco IOS XE. The vulnerability stems from a logic error in the logging mechanism. An attacker could exploit this vulnerability to cause the...

Cisco IOS XR Input Validation Error Vulnerability (CNVD-2019-46439)

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. An input validation error vulnerability exists in the Intermediate System to Intermediate System IS-IS routing protocol in Cisco IOS XR versions 6.5.1 through 6.6.3, which stems fro...

The vulnerability of the command-line interface of the Cisco NX-OSS network operating system devices allows a attacker to obtain the user’s encrypted SSH key or import an encrypted SSH key protected by a password.

The vulnerability of the command-line interface of the Cisco NX-OSS network operating system is related to errors in managing SSH keys. Exploiting this vulnerability can allow an attacker to obtain a secret SSH key of a user or import a secret SSH key protected by a password...

The vulnerability of the NX-API Sandbox interface of the Cisco NX-OS routing system’s Cisco routers allows attackers to perform cross-site scripting attacks.

The vulnerability of the NX-API Sandbox network operating system of Cisco NX-OS routers is related to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the Event Management Service daemon (emsd) on the Cisco IOS XR operating system allows a hacker to trigger a service failure.

The vulnerability of the Event Management Service daemon emsd on the Cisco IOS XR operating system is related to insufficient validation of input data during gRPC requests. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted gRPC requests...

The vulnerability of the Simple Network Management Protocol packet processor in the Cisco NX-OS operating system allows a attacker to trigger a service failure.

The vulnerability of the Simple Network Management Protocol SNMP packet handler in the Cisco NX-OS operating system arises due to errors in the data block verification of the SNMP protocol. Exploiting this vulnerability can allow a malicious actor to perform a reboot on the device remotely...

Cisco IOS Software Denial of Service Vulnerability (CNVD-2017-06812)

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. A denial of service vulnerability exists in the Event Management Service daemon emsd of the Cisco IOS XR router, which stems from an incorrect handling of gRPC requests. An...

Cisco IOS and IOS XE Software ZBFW Feature Security Bypass Vulnerability

Cisco IOS and IOS XE Software are operating systems developed by Cisco for its network devices.Zone-Based Firewall ZBFW is one of the policy firewall components. A security bypass vulnerability exists in the ZBFW feature in Cisco IOS and IOS XE Software, which stems from the program failing to...

VulnCheck KEV: CVE-2016-1409

The Neighbor Discovery ND protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service packet-processing outage via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild...

Cisco IOS and IOS XE Software DHCPv6 relay denial of service vulnerability

Cisco IOS and IOS XE Software are both operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the DHCP version 6 DHCPv6 relay feature of Cisco IOS and IOS XE Software. A remote attacker could exploit this vulnerability by sending a specially...