Cisco Firepower Threat Defense和Cisco FXOS Software 操作系统操作系统命令注入漏洞

Cisco Firepower Threat Defense FTD and Cisco FXOS Software are both products of Cisco, Inc. Cisco Firepower Threat Defense is a unified suite of software that provides next-generation firewall services.Cisco FXOS Cisco FXOS Software is a suite of firewall software that runs in Cisco security...

CVE-2022-20850

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit...

PT-2021-2833 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance Software ASA and Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to insufficient input validation of commands supplied by the user in the CLI of t...

PT-2020-4424 · Cisco +1 · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the application-hosting subsystem could allow an authenticated, local attacker to elevate privileges to root on an affected device. The attacker could execu...

PT-2020-2649 · Cisco · Cisco Ios Xe Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE SD-WAN Software affected versions not specified Description: The issue is related to insufficient input validation in the CLI interface of the software. This could allow an authenticated, local attacker to inject arbitrary comman...

CVE-2019-12717

A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of...

CVE-2019-1769

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient...

PT-2019-2368 · Cisco · Cisco Fx-Os +2

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS versions prior to 8.31 Cisco FX-OS affected versions not specified Description: The issue is related to insufficient validation of arguments passed to certain CLI commands, which could allow an authenticated, local attacker with...

Cisco NX-OS Arbitrary Command Execution Vulnerability

Cisco NX-OS Software is the United States Cisco Cisco company's set of data center-oriented operating system. An input validation vulnerability exists in the role-based access detection mechanism in Cisco NX-OS Software, which stems from the program's lack of file system validation and input...

CVE-2017-6781

A vulnerability in the management of shell user accounts for Cisco Policy Suite CPS Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level. The vulnerability is due to...

Cisco Unified Computing System Local Elevation of Privilege Vulnerability

Cisco Unified Computing System Manager provides unified, embedded management of all hardware and software components within a unified computing system. An elevation of privilege vulnerability exists in Cisco Unified Computing System UCS versions prior to 3.02d in UCS Manager and UCS 6200 Fabric...

CVE-2016-1390

Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...

Design/Logic Flaw

Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...

CVE-2016-1390

Cisco Prime Network Analysis Module (NAM) and Cisco Prime Virtual Network Analysis Module (vNAM) are affected by CVE-2016-1390. The issue arises from insufficient sanitization of CLI input, allowing a local, authenticated attacker to obtain root privileges by crafting input that is processed by t...

CVE-2016-1390

Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...