174 matches found
LibMiner: Container-Based Cryptocurrency Miner Targeting Unprotected Redis Servers
Qualys is actively tracking threats which target containers. In our recent analysis, we have identified a few docker instances executing a malware which we term as “LibMiner”. This malware has the capability to deploy and execute Cryptominer. It uses a unique technique for lateral movement across...
Cisco NX-OS Software Bash Bypass Guest Shell (cisco-sa-20190515-nxos-bash-bypass)
According to its self-reported version, Cisco NX-OS Software is affected by following vulnerability in the Bash shell implementation due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An authenticated, local attacker c...
Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability
According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials...
Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability
According to its self-reported version, a bash shell implementation for Cisco NX-OS software is affected access control bypass privilege vulnerability. An authenticated local attacker can escalate their privilege level by executing commands authorized to other user roles. TRUSTED...
Command injection
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...
CVE-2019-1730
Cisco NX-OS Software contains a Bash bypass vulnerability (CVE-2019-1730) where the Bash shell invocation in the restricted Guest Shell can be exploited by an authenticated, local attacker to run commands at the network-admin level outside the Guest Shell. The root cause is the incorrect implemen...
Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...
UBUNTU-CVE-2019-9804
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash o...
Design/Logic Flaw
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. A...
CVE-2019-1596 Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. A...
CVE-2019-1596 Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. A...
Cisco NX-OS Elevation of Privilege Vulnerability
Cisco NX-OS is a set of data center-grade operating system software used by switches. An elevation of privilege vulnerability exists in the Bash shell implementation of Cisco NX-OS. The vulnerability stems from a failure of the Bash shell commands to be implemented correctly, resulting in the...
Cisco NX-OS Software Privilege License and Access Control Vulnerability
Cisco Nexus 9500 R-Series Line Cards and Fabric Modules and so on are the products of Cisco Corporation.Cisco Nexus 9500 R-Series Line Cards and Fabric Modules is a 9500R Series Line Cards Modules.Cisco Nexus 3000 Series Switches is a 3000 Series Switch.Cisco Nexus 3500 Platform Switches is a 350...
CVE-2019-1593
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to th...
CVE-2019-1593
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to th...
Design/Logic Flaw
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to th...
CVE-2019-1593 Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to th...
CVE-2019-1593 Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to th...
CVE-2019-1593
Cisco NX-OS Software contains a vulnerability in the Bash shell implementation that allows a locally authenticated attacker to bypass RBAC and escalate privileges by executing commands intended for higher-privilege roles. The issue stems from an incorrect Bash shell command implementation that by...
Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. A...