Lucene search
K

91 matches found

ThreatPost
ThreatPost
added 2019/09/17 3:24 p.m.82 views

Cisco Extends Patch for IPv6 DoS Vulnerability

Cisco has extended its patch for a high-severity IPv6 denial-of-service DoS vulnerability that was first addressed in 2016. The bug CVE-2016-1409 is a vulnerability in the IPv6 packet processing functions of multiple Cisco products, which could allow an unauthenticated, remote attacker to cause a...

5CVSS1.3AI score0.03823EPSS
Exploits0References7
CVE
CVE
added 2019/03/11 10:0 p.m.73 views

CVE-2019-1615

CVE-2019-1615 concerns Cisco NX-OS Software Image Signature Verification. Affected: Nexus 3000 Series switches; Nexus 9000 Series Fabric Switches in ACI Mode; Nexus 9000 Series in Standalone NX-OS Mode; Nexus 9500 R‑Series Line Cards and Fabric Modules. Root cause: improper verification of digita...

6.7CVSS6.3AI score0.00244EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2019/03/11 10:0 p.m.11 views

CVE-2019-1611 Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

4.2CVSS7.2AI score0.00463EPSS
Exploits0References2
Prion
Prion
added 2019/03/11 9:29 p.m.25 views

Input validation

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signature...

4.6CVSS6.3AI score0.00244EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/11 9:29 p.m.16 views

CVE-2019-1611

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

7.2CVSS5.8AI score0.00463EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/03/08 8:0 p.m.30 views

CVE-2019-1609 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

4.2CVSS6.6AI score0.00894EPSS
Exploits1References2
Prion
Prion
added 2019/03/08 7:29 p.m.16 views

Input validation

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.2CVSS7.3AI score0.00372EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/08 7:29 p.m.20 views

CVE-2019-1603

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the...

7.8CVSS7.7AI score0.0031EPSS
Exploits0References2
NVD
NVD
added 2019/03/08 7:29 p.m.22 views

CVE-2019-1602

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.8CVSS7.4AI score0.00372EPSS
Exploits0References2
OSV
OSV
added 2019/03/08 7:29 p.m.5 views

CVE-2019-1604

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to an incorrect authorization check of user accounts and their associated Group ID GID. An...

7.8CVSS7.2AI score0.00424EPSS
Exploits0References2
NVD
NVD
added 2019/03/08 7:29 p.m.20 views

CVE-2019-1604

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to an incorrect authorization check of user accounts and their associated Group ID GID. An...

7.8CVSS7.5AI score0.00424EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/03/07 8:0 p.m.27 views

CVE-2019-1600 Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system...

6.7CVSS4.3AI score0.00384EPSS
Exploits0References3
CVE
CVE
added 2019/03/07 8:0 p.m.69 views

CVE-2019-1600

CVE-2019-1600 concerns Cisco FXOS and NX-OS software. The vulnerability arises from improper file system permissions, allowing an authenticated, local attacker to access or modify restricted files and potentially expose sensitive data stored on the system. Affected products include Cisco FXOS/NX-...

6.7CVSS4.6AI score0.00384EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2019/03/07 7:0 p.m.15 views

CVE-2019-1596 Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. A...

7.8CVSS6.9AI score0.00325EPSS
Exploits0References2
Prion
Prion
added 2018/07/11 6:29 p.m.17 views

Design/Logic Flaw

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 FPC-P1, FPC-P2 line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper...

5CVSS7.4AI score0.02425EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/07/11 6:29 p.m.4 views

Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) and PTX1K: Line card may crash upon receipt of specific MPLS packet.

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 FPC-P1, FPC-P2 line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper...

7.5CVSS5.5AI score0.02425EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2018/07/11 6:29 p.m.6 views

CVE-2018-0030

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 FPC-P1, FPC-P2 line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper...

7.5CVSS5.8AI score0.02425EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/11 6:0 p.m.22 views

CVE-2018-0030 Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) and PTX1K: Line card may crash upon receipt of specific MPLS packet.

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 FPC-P1, FPC-P2 line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper...

7.5CVSS7.5AI score0.02425EPSS
Exploits0References3
Prion
Prion
added 2018/06/20 9:29 p.m.17 views

Command injection

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting...

7.2CVSS7.7AI score0.00564EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/01/31 8:29 p.m.19 views

Race condition

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router ASR 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service DoS condition. The...

7.8CVSS8.4AI score0.02688EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder