6 matches found
Cisco NX-OS Software DHCP Options Command Injection (CVE-2015-0658)
The DHCP implementation in the PowerOn Auto Provisioning POAP feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. This...
The vulnerability of the PowerOn Auto Provisioning (POAP) mechanism in the network operating system of Cisco NX-OS switches allows a perpetrator to gain access to other devices.
The vulnerability of the PowerOn Auto Provisioning POAP mechanism in the network operating system of Cisco NX-OS switches involves errors during the automated device deployment process. Exploiting this vulnerability allows a malicious actor to download and execute malicious configuration scenario...
Action Recommended to Secure the Cisco Nexus PowerOn Auto Provisioning Feature
Cisco Nexus devices support an automatic provisioning or zero-touch deployment feature called PowerOn Auto Provisioning POAP. This feature assists in automating the initial deployment and configuration of Nexus switches. POAP is enabled by default and activates on devices that have no startup...
Cisco NX-OS Software DHCP Options Command Injection Vulnerability (Cisco-SA-20150327-CVE-2015-0658)
A vulnerability in DHCP code used with PowerOn Auto Provisioning POAP of Cisco NX-OS could allow an unauthenticated, adjacent attacker to inject arbitrary commands into the Cisco NX-OS device. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced...
Cisco NX-OS DHCP POAP Command Injection Vulnerability
The remote Cisco device is running a version of NX-OS software that is affected by a command injection vulnerability due to the PowerOn Auto Provisioning POAP feature not properly validating the DHCP options returned by POAP. An attacker on an adjacent network, using crafted DHCP packets, can...
Cisco NX-OS PowerOn Auto Provisioning (POAP) Arbitrary Command Execution Vulnerability
Cisco NX-OS software is a data center-class operating system that embodies modular design, perpetuity, and maintainability. The Cisco NX-OS PowerOn Auto Provisioning POAP DHCP code fails to properly restrict the initialization process, allowing remote attackers to send specially crafted answer...