Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.19 views

Cisco NX-OS Software DHCP Options Command Injection (CVE-2015-0658)

The DHCP implementation in the PowerOn Auto Provisioning POAP feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. This...

7.9CVSS5.9AI score0.01138EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.9 views

The vulnerability of the PowerOn Auto Provisioning (POAP) mechanism in the network operating system of Cisco NX-OS switches allows a perpetrator to gain access to other devices.

The vulnerability of the PowerOn Auto Provisioning POAP mechanism in the network operating system of Cisco NX-OS switches involves errors during the automated device deployment process. Exploiting this vulnerability allows a malicious actor to download and execute malicious configuration scenario...

6.8CVSS5.6AI score
Exploits0References2
Cisco
Cisco
added 2019/03/06 4:0 p.m.89 views

Action Recommended to Secure the Cisco Nexus PowerOn Auto Provisioning Feature

Cisco Nexus devices support an automatic provisioning or zero-touch deployment feature called PowerOn Auto Provisioning POAP. This feature assists in automating the initial deployment and configuration of Nexus switches. POAP is enabled by default and activates on devices that have no startup...

0.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/05/12 12:0 a.m.32 views

Cisco NX-OS Software DHCP Options Command Injection Vulnerability (Cisco-SA-20150327-CVE-2015-0658)

A vulnerability in DHCP code used with PowerOn Auto Provisioning POAP of Cisco NX-OS could allow an unauthenticated, adjacent attacker to inject arbitrary commands into the Cisco NX-OS device. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced...

7.9CVSS7.1AI score0.01138EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/04/27 12:0 a.m.55 views

Cisco NX-OS DHCP POAP Command Injection Vulnerability

The remote Cisco device is running a version of NX-OS software that is affected by a command injection vulnerability due to the PowerOn Auto Provisioning POAP feature not properly validating the DHCP options returned by POAP. An attacker on an adjacent network, using crafted DHCP packets, can...

7.9CVSS6.1AI score0.01138EPSS
Exploits0References2
CNVD
CNVD
added 2015/03/30 12:0 a.m.3 views

Cisco NX-OS PowerOn Auto Provisioning (POAP) Arbitrary Command Execution Vulnerability

Cisco NX-OS software is a data center-class operating system that embodies modular design, perpetuity, and maintainability. The Cisco NX-OS PowerOn Auto Provisioning POAP DHCP code fails to properly restrict the initialization process, allowing remote attackers to send specially crafted answer...

7.9CVSS7.7AI score0.01138EPSS
Exploits0References1
Rows per page
Query Builder