EUVD-2015-0772

Malware in sbrugna...

The vulnerability of the Cisco Unified Threat Defense Snort Intrusion Prevention System Engine’s operating system, Cisco IOS XE, related to the operation of data out of the buffer in memory. This allows attackers to bypass existing security restrictions and trigger a service failure.

The vulnerability of the Cisco Unified Threat Defense Snort Intrusion Prevention System Engine’s operating system, Cisco IOS XE, lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software, which stems from a...

Cisco NX-OS Software 输入验证错误漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. Cisco NX-OS Software suffers from an authentication error vulnerability that stems from incorrect input validation when TACACS+ and RADIUS process authentication attempts. ...

A week in security (June 5 - 11)

Last week on Malwarebytes Labs: Trusting AI not to lie: The cost of truth: Lock and Code S04E12 5 unusual cybersecurity tips that actually work The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period Information stealer compromises legitimate sites to attack other...

The vulnerability of the IPv4 Virtual Fragmentation Reassembly (VFR) function in Cisco IOS XE allows a attacker to trigger a service failure or cause a device to restart.

The vulnerability of the IPv4 Virtual Fragmentation Reassembly VFR function in Cisco IOS XE operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure by sending fragmented...

The vulnerability of the system check function in Cisco IOS XE for Cisco Catalyst 9200 Series network devices allows a hacker to execute arbitrary code.

The vulnerability of the Cisco IOS XE software’s network device authentication function on the Cisco Catalyst 9200 series devices is related to improper verification of the cryptographic signature. Exploiting this vulnerability allows an attacker to execute arbitrary code...

Cisco IOS XE Software 资源管理错误漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from insufficient...

The vulnerability of the Cisco IOS XR command-line interface allows a attacker to execute arbitrary commands on the underlying Linux operating system.

The vulnerability of the Cisco IOS XR operating system’s command-line interface is related to the implementation or modification of arguments. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the Linux kernel with root privileges...

PT-2021-2449 · Cisco · Cisco Ios Xe Sd-Wan +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE SD-WAN Software affected versions not specified Description: A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain...

The vulnerability of the enf_broker process in the system for processing incoming packets on Cisco IOS XR allows a hacker to trigger a service failure.

The vulnerability of the enfbroker process in the Cisco IOS XR operating system’s incoming packet processing function is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the Cisco IOS XE operating system, related to the lack of measures to neutralize special elements used in the operating system’s commands, allows a perpetrator to increase their privileges and execute arbitrary code.

The vulnerability of the Cisco IOS XE operating system is related to the lack of measures to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

The vulnerability of the Cisco IOS XR command-line interface allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Cisco IOS XR operating system’s command-line interface is related to privilege management errors. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability in the web-based management interface of Cisco SD-WAN allows a hacker to enhance their privileges.

The vulnerability of the Cisco SD-WAN programmatically-defined network management web interface is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to enhance their privileges through specially crafted HTTP requests...

Cisco IOS XR Resource Management Error Vulnerability (CNVD-2020-14349)

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. A security vulnerability exists in Cisco IOS XR. The vulnerability stems from mismanagement of system resources e.g., memory, disk space, files, etc. by the network system or produc...

The vulnerability of the authentication mechanism of the Secure Shell service for the Cisco IOS XR operating system allows a perpetrator to gain access to a vulnerable device.

The vulnerability of the SSH authentication mechanism in Cisco IOS XR operating systems is related to authentication errors. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to vulnerable devices remotely...

CVE-2018-0092

A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-operator role should not be able to delete other configured users on the device. The vulnerability is...

CVE-2017-6600

A vulnerability in the CLI of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61351...

The vulnerability of the Cisco IOS operating system, which allows a remote attacker to trigger a service failure

The vulnerability in the VFR interface allows a remote attacker to trigger a service failure by using specially crafted ICMPv4 packets...

PT-1999-1004 · Cisco · Cisco Ios

Name of the Vulnerable Software and Affected Versions: Cisco IOS versions prior to the fixed version Description: The issue allows malicious UDP packets sent to the syslog port to crash the system. Recommendations: For Cisco IOS versions prior to the fixed version, apply the necessary configurati...