Lucene search
K

318 matches found

BDU FSTEC
BDU FSTEC
added 2018/01/24 12:0 a.m.4 views

The vulnerability of the command-line interface (CLI) of the NX-OS operating system of the Cisco Unified Computing System Central device’s centralized device management system allows a attacker to execute any command they desire.

The vulnerability of the command-line interface CLI of the NX-OS operating system of the Cisco Unified Computing System Central device management system exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary commands with...

7.2CVSS5.9AI score0.00603EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2018/01/24 12:0 a.m.7 views

The vulnerability of the NX-OS operating system of the Cisco Unified Computing System Central device management system is related to incorrect verification of the cryptographic signature of data. This allows a perpetrator to bypass the signature verification during the loading of updates.

The vulnerability of the NX-OS operating system of the Cisco Unified Computing System Central device management system is related to incorrect verification of the cryptographic signature of data. Exploiting this vulnerability could allow an attacker to bypass the signature verification and downlo...

7.2CVSS5.5AI score0.00233EPSS
Exploits0References3Affected Software2
Symantec
Symantec
added 2018/01/03 12:0 a.m.256 views

Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Mac Os X 10.11.6 Apple iOS 11.2 Apple macOS 10.12.6 Apple macOS 10.13.2 Apple tvOS...

4.7CVSS5.9AI score0.93838EPSS
Exploits13References6Affected Software54
CNVD
CNVD
added 2017/12/04 12:0 a.m.6 views

Cisco UCS Central Software Session Fixation Vulnerability

Cisco UCS Central Software is the United States Cisco Cisco company's set of global Cisco UCS Unified Computing System resources for server management and monitoring solutions. A session fixation vulnerability exists in the web-based management interface in Cisco UCS Central Software. A remote...

5.4CVSS6.9AI score0.00891EPSS
Exploits0References1
Prion
Prion
added 2017/11/30 9:29 a.m.19 views

Input validation

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...

2.1CVSS5.8AI score0.00377EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2017/11/30 9:29 a.m.2 views

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

6.3CVSS6AI score0.00935EPSS
Exploits0References3
Prion
Prion
added 2017/11/30 9:29 a.m.13 views

Design/Logic Flaw

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.9CVSS4.7AI score0.00325EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/11/30 9:29 a.m.24 views

CVE-2017-12341

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...

7.2CVSS6.9AI score0.0068EPSS
Exploits0References2
Prion
Prion
added 2017/11/30 9:29 a.m.12 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...

7.2CVSS6.9AI score0.0068EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2017/11/30 9:29 a.m.18 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

4.6CVSS7AI score0.00935EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2017/11/30 9:29 a.m.21 views

Design/Logic Flaw

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...

4.6CVSS6.3AI score0.00227EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/11/30 9:29 a.m.15 views

CVE-2017-12332

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.9CVSS4.6AI score0.00325EPSS
Exploits0References3
OSV
OSV
added 2017/11/30 9:29 a.m.5 views

CVE-2017-12333

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...

6.7CVSS5.8AI score0.00227EPSS
Exploits0References3
Prion
Prion
added 2017/11/30 9:29 a.m.19 views

Input validation

A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient input validati...

4.6CVSS5.1AI score0.00427EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/11/30 9:29 a.m.3 views

CVE-2017-12331

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local attacker could exploit th...

6.7CVSS5.8AI score0.00233EPSS
Exploits0References3
NVD
NVD
added 2017/11/30 9:29 a.m.28 views

CVE-2017-12338

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...

6CVSS5.9AI score0.00377EPSS
Exploits0References2
Prion
Prion
added 2017/11/30 9:29 a.m.23 views

Design/Logic Flaw

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local attacker could exploit th...

7.2CVSS6.3AI score0.00233EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2017/11/30 9:29 a.m.20 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation of command...

7.2CVSS6.9AI score0.00603EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/11/30 9:29 a.m.6 views

CVE-2017-12332

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.4CVSS5.9AI score0.00325EPSS
Exploits0References3
OSV
OSV
added 2017/11/30 9:29 a.m.3 views

CVE-2017-12341

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...

6.7CVSS6AI score0.0068EPSS
Exploits0References2
Rows per page
Query Builder