205 matches found
CVE-2018-15368 Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
CVE-2018-0477
The CVE-2018-0477 entry describes a local, command-injection vulnerability in the CLI parser of Cisco IOS XE Software. An authenticated attacker with Privilege Level 15 can exploit improper sanitization of CLI command arguments to access internal data structures and execute arbitrary root command...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability (CNVD-2018-20299)
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from an affected application failing to properly filter...
Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
Cisco IOS XE Software Command Injection Vulnerabilities
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerabilities exist because the affected software improperly sanitizes command...
Cisco Enterprise NFV Infrastructure Software Secure Copy Protocol Server Input Validation Vulnerability
Cisco Enterprise NFV Infrastructure Software NFVIS is a suite of NVF infrastructure software platforms from the U.S.-based Cisco. The platform enables full lifecycle management of virtualization services through a central coordinator and controller. secure copy protocol SCP server is one of the...
Cisco Warns of Three Critical Bugs in Digital Network Architecture Platform
Cisco Systems patched three bugs on Wednesday that are rated critical, tied to its Digital Network Architecture DNA Center platform. Cisco also warned of four additional vulnerabilities – each rated high. All of the vulnerabilities have available patches for mitigation. All three of the critical...
CVE-2018-0279
A vulnerability in the Secure Copy Protocol SCP server of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of...
Cisco IOS XE Software CLI Parser OS Command Injection Vulnerability
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. The CLI parser in Cisco IOS XE Software is vulnerable to an operating system command injection vulnerability that arises from a program that fails to...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability (CNVD-2018-08180)
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from the program's failure to adequately filter command...
Design/Logic Flaw
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Cisco IOS XE Software CLI Command Injection vulnerabilities affect the CLI parser, allowing an authenticated, local attacker to submit malicious commands that reach the Linux shell with root privileges due to insufficient sanitization of command arguments. This could enable full device compromise...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from the program's failure to adequately filter command...
CVE-2018-0193
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0193
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0183
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...