Lucene search
K

108 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/09 12:0 a.m.46 views

Cisco IOS XE Software IOx Application Hosting Environment Command Injection (cisco-sa-iox-8whGn5dL)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an...

8.8CVSS8.6AI score0.01506EPSS
Exploits0References3
Cisco
Cisco
added 2023/02/01 4:0 p.m.131 views

Cisco IOx Application Hosting Environment Command Injection Vulnerability

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an...

7.2CVSS8.1AI score0.01506EPSS
Exploits0References1
Trellix
Trellix
added 2023/02/01 12:0 a.m.26 views

When Pwning Cisco Persistence Is Key When Pwning Supply Chain Cisco Is Key

When Pwning Cisco, Persistence is Key - When Pwning Supply Chain, Cisco is Key By Trellix · February 1, 2023 This story was also written by Kasimir Schulz and Sam Quinn. Unlike those of the past, modern routers now function like high-powered servers with many ethernet ports running not only routi...

8.8CVSS10AI score0.01506EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/04/22 12:0 a.m.30 views

Cisco IOS Software IOx Application Hosting Environment (cisco-sa-iox-yuXQ6hFj)

According to its self-reported version, Cisco IOS is affected by multiple vulnerabilities: - Multiple parameter injection vulnerabilities in the Cisco IOx application hosting environment. Due to incomplete sanitization of parameters that are part of an application package, an authenticated, remot...

9CVSS6.8AI score0.02531EPSS
Exploits4References24
NVD
NVD
added 2022/04/15 3:15 p.m.23 views

CVE-2022-20724

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

7.6CVSS0.0124EPSS
Exploits1References2
OSV
OSV
added 2022/04/15 3:15 p.m.4 views

CVE-2022-20721

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

4.9CVSS6.1AI score0.01232EPSS
Exploits0References2
NVD
NVD
added 2022/04/15 3:15 p.m.23 views

CVE-2022-20718

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

9CVSS0.02325EPSS
Exploits1References2
NVD
NVD
added 2022/04/15 3:15 p.m.25 views

CVE-2022-20722

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

6.8CVSS0.01232EPSS
Exploits0References2
NVD
NVD
added 2022/04/15 3:15 p.m.23 views

CVE-2022-20721

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

6.8CVSS0.01232EPSS
Exploits0References2
NVD
NVD
added 2022/04/15 3:15 p.m.22 views

CVE-2022-20719

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

9CVSS0.02531EPSS
Exploits1References2
NVD
NVD
added 2022/04/15 3:15 p.m.22 views

CVE-2022-20720

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

9CVSS0.01414EPSS
Exploits0References2
NVD
NVD
added 2022/04/15 3:15 p.m.25 views

CVE-2022-20727

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

7.2CVSS0.01043EPSS
Exploits0References1
NVD
NVD
added 2022/04/15 3:15 p.m.34 views

CVE-2022-20723

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

9CVSS0.01987EPSS
Exploits1References2
NVD
NVD
added 2022/04/15 3:15 p.m.23 views

CVE-2022-20726

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

7.5CVSS0.01057EPSS
Exploits0References1
Prion
Prion
added 2022/04/15 3:15 p.m.13 views

Cross site scripting

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

7.2CVSS6.4AI score0.00607EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/04/15 3:15 p.m.16 views

Cross site scripting

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

9CVSS6.7AI score0.01987EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/04/15 3:15 p.m.15 views

Cross site scripting

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

9CVSS6.7AI score0.02325EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/04/15 3:15 p.m.21 views

Cross site scripting

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

9CVSS6.7AI score0.01414EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/04/15 3:15 p.m.13 views

Cross site scripting

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

6.8CVSS5.3AI score0.01232EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/04/15 2:21 p.m.109 views

CVE-2022-20720

Cisco IOx Application Hosting Environment (CVE-2022-20720) on multiple Cisco platforms is affected by a path traversal vulnerability due to insufficient path validation. An authenticated remote attacker can create a symbolic link within a deployed application and read or execute arbitrary code as...

9CVSS6.4AI score0.01414EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder