30 matches found
CVE-2020-13122
The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user monitoring group or admin to execute commands on the...
CVE-2020-13122
The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user monitoring group or admin to execute commands on the...
Command injection
The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user monitoring group or admin to execute commands on the...
CVE-2020-13122
The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user monitoring group or admin to execute commands on the...
CVE-2020-13122
The CVE-2020-13122 entry concerns the novish command-line interface in NoviFlow NoviWare prior to NW500.2.12, deployed on NoviSwitch devices. The vulnerability is a command-injection in the CLI command “show status destination ipaddr,” allowing a read-only monitoring user or an admin to execute a...
The vulnerability of the ACL component of the NoviWare operating system allows a attacker to gain access to the network interface of the novi_process_manager_daemon service and execute arbitrary code in privileged mode on the switch.
The vulnerability of NoviWare’s operating system component stems from the improper handling of unserialized network packets, which leads to buffer overflows on the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the application of ACL modifications,...
The vulnerability of NoviWare’s operating system component, caused by a buffer overflow in the stack, allows an attacker to execute arbitrary code.
The vulnerability of NoviWare’s operating system component lies in the overflow of memory in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the application of ACL changes, using specially crafted network packets containing operating system...
The vulnerability of the NoviWare operating system arises from buffer overflows during the execution of the “show log cli” command, allowing an attacker to gain superuser privileges.
The vulnerability of the NoviWare operating system arises due to an overflow in the buffer during the processing of the “show log cli” command. Exploiting this vulnerability allows a malicious actor, who operates remotely and has read access to data, to gain superuser privileges by using the...
NoviFlow NoviWare and NoviSwitch Device Buffer Overflow Vulnerability
NoviFlow NoviWare and NoviSwitch devices are both products of NoviFlow Canada.NoviSwitch devices are a series of switching devices.NoviWare is the switching software used in... A buffer overflow vulnerability exists in the 'show log cli' command in the novish command line interface in NoviFlow...
NoviFlow NoviWare and NoviSwitch Device Stack Buffer Overflow Vulnerability
NoviFlow NoviWare and NoviSwitch devices are both products of NoviFlow Canada.NoviSwitch devices are a series of switching devices.NoviWare is the switching software used in... A stack buffer overflow vulnerability exists in the Network interface of the cliengine and noviengine services in NoviFl...
NoviFlow NoviWare and NoviSwitch Device Remote Code Execution Vulnerability
NoviFlow NoviWare and NoviSwitch devices are both products of NoviFlow Canada.NoviSwitch devices are a series of switching devices.NoviWare is the switching software used in... A security vulnerability exists in the network interface of noviprocessmanagerdaemon in NoviFlow NoviWare NW400.2.6 and...
CVE-2017-12786
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
CVE-2017-12787
A network interface of the noviprocessmanagerdaemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
Stack overflow
A network interface of the noviprocessmanagerdaemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
CVE-2017-12785
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user monitor role to gain privileged root code execution on the...
Stack overflow
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
Command injection
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user monitor role to gain privileged root code execution on the...
CVE-2017-12785
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user monitor role to gain privileged root code execution on the...
CVE-2017-12786
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
CVE-2017-12786
The CVE-2017-12786 entry affects NoviFlow NoviWare NW400.2.6 and NoviSwitch devices. A stack-based buffer overflow in the cliengine/noviengine network interfaces can be triggered during ACL modifications, allowing remote, unauthenticated attackers to achieve privileged (root) code execution on th...