CVE-2017-12333
CVE-2017-12333 : Cisco NX-OS System Software contains a vulnerability that allows an authenticated, local attacker to bypass signature verification when loading a software image due to insufficient NX-OS signature verification. Affected products include Multilayer Director Switches, Nexus 7000 Se...
CVE-2017-12334
Cisco NX-OS System Software CLI Command Injection vulnerability (CVE-2017-12334) affects multiple Cisco NX-OS platforms (e.g., Multilayer Director Switches, Nexus 2000/3000/3500/5000/5500/5600/6000/7000/7700/9000 series and UCS Manager). Root cause: insufficient input validation of CLI command ar...
CVE-2017-12339
Summary: CVE-2017-12339 is a vulnerability in the CLI of Cisco NX-OS System Software that allows an authenticated, local attacker to perform a command injection due to insufficient input validation of CLI command arguments. The attacker could inject crafted arguments to execute arbitrary commands...
CVE-2017-12341
CVE-2017-12341 affects Cisco NX-OS System Software CLI. The issue arises from insufficient input validation during patch image installation, allowing an authenticated local attacker with valid admin credentials to execute arbitrary commands as root prior to patch activation. Affected platforms in...
CVE-2017-12354
The CVE-2017-12354 issue affects Cisco Secure Access Control System (ACS) web-based interface, where an unauthenticated, remote attacker can view sensitive system software version information. Root cause: the software does not adequately protect version information in responses to HTTP requests. ...
CVE-2017-12334
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation of command...
CVE-2017-12335
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...
CVE-2017-12351
A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due t...
Cisco NX-OS System Software Patch Signature Bypass Vulnerability
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local attacker could exploit th...
Cisco NX-OS System Software Image Signature Bypass Vulnerability
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...
Cisco NX-OS System Software Guest Shell Unauthorized Internal Interface Access Vulnerability
A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due t...
Arbitrary file deletion
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...
CVE-2017-12300
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...
CVE-2017-12300
CVE-2017-12300 affects Cisco Firepower System Software’s SNORT detection engine. The vulnerability stems from incorrect SMB2 file detection when the file length is used for matching, allowing an unauthenticated, remote attacker to bypass a file policy blocking SMB2 traffic by sending a crafted SM...
CVE-2017-12300
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...
Cisco Firepower System Software Server Message Block Version 2 File Policy Bypass Vulnerability
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect detection of an SMB2 file when...
CVE-2017-3883
CVE-2017-3883 affects Cisco FXOS and NX-OS System Software with AAA enabled. An unauthenticated remote attacker can brute-force login attempts, causing AAA processes to block keepalive messages; memory pressure can trigger AAA restart or device reload, leading to a denial of service. Affected pro...
CVE-2017-3883
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA process...
Ukraine Police Warns of New NotPetya-Style Large Scale CyberAttack
Remember NotPetya? The Ransomware that shut down thousands of businesses, organisations and banks in Ukraine as well as different parts of Europe in June this year. Now, Ukrainian government authorities are once again warning its citizens to brace themselves for the next wave of "large-scale"...
Cisco Firepower System Software Denial of Service Vulnerability (CNVD-2017-33345)
Cisco 3000 Series Industrial Security Appliances ISR and others are security firewall appliances from Cisco. Firepower System Software is a set of firewall software used in them. A security vulnerability exists in the inspection engine of the Firepower System Software in several Cisco products whe...