13 matches found
CVE-2022-20656
A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system. This vulnerability is due...
CVE-2022-20722
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cross site scripting
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20720
Cisco IOx Application Hosting Environment (CVE-2022-20720) on multiple Cisco platforms is affected by a path traversal vulnerability due to insufficient path validation. An authenticated remote attacker can create a symbolic link within a deployed application and read or execute arbitrary code as...
CVE-2022-20725
Cisco IOx Application Hosting Environment on multiple Cisco platforms contains CVE-2022-20725, a cross-site scripting vulnerability in the web-based Local Manager interface. The issue arises from insufficient sanitization/validation of parameters and inputs in the IOx hosting environment (alongsi...
CVE-2022-20726
The CVE-2022-20726 issue concerns Cisco IOx Application Hosting Environment across multiple Cisco platforms. The connected sources provide concrete details: a denial-of-service vulnerability in the IOx Web server is caused by insufficient error handling of socket operations, permitting an unauthe...
CVE-2022-20719 Cisco IOx Application Hosting Environment Vulnerabilities
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cisco IOx Application Hosting Environment Vulnerabilities
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cisco IOS Software IOx Application Environment Path Traversal (cisco-sa-iox-pt-hWGcPf7g)
According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the...
Cisco IOx Application Environment Path Traversal Vulnerability
A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the underlying operating system or host system. This vulnerability occurs because the devic...
CVE-2019-12656
A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service DoS condition. The vulnerability is due to a Transport Layer Security TLS...
Race condition
A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service DoS condition. The vulnerability is due to a Transport Layer Security TLS...
Cisco Talos adds new Content Category
Our goal at Cisco Talos is to provide detailed and actionable information in order to let customers decide how best to protect their networks and users based on their needs. To this end, Cisco Talos is adding a new content category to Talos Intelligence. Starting on April 3, supported Cisco...