122 matches found
CVE-2018-0176
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...
CVE-2018-0185
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0176
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...
CVE-2018-0176
Summary: CVE-2018-0176 describes multiple vulnerabilities in the CLI parser of Cisco IOS XE Software that can allow an authenticated, local attacker with user EXEC privileges to gain access to the device’s underlying Linux shell and execute arbitrary commands with root privileges. The root cause ...
Cisco IOS XE Software User EXEC Mode Root Shell Access Vulnerabilities
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...
Cisco IOS XE Software CLI Command Injection Vulnerabilities
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
Cisco Web Security Appliance Multiple Vulnerabilities
According to its self-reported version, the remote Cisco Web Security Appliance WSA device is affected by one or more vulnerabilities : - An unspecified flaw exists in the web-based interface due to improper validation of user-supplied input. An authenticated, remote attacker who has valid...
Command injection
A vulnerability in the CLI parser of the Cisco Web Security Appliance WSA could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtu...
CVE-2017-6748
A vulnerability in the CLI parser of the Cisco Web Security Appliance WSA could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtu...
CVE-2017-6748
A vulnerability in the CLI parser of the Cisco Web Security Appliance WSA could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtu...
Cisco Web Security Appliance Authenticated Command Injection and Privilege Escalation Vulnerability
A vulnerability in the CLI parser of the Cisco Web Security Appliance WSA could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. SPDX-FileCopyrightText:...
Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability
Cisco Adaptive Security Appliances ASA, Adaptive Security Appliances Software is a set of firewall appliances from Cisco USA. The device also includes IPS Intrusion Prevention System, SSL VPN, IPSec VPN, anti-spam and other features. A remote code execution vulnerability exists in the command-lin...
VulnCheck KEV: CVE-2016-6367
A vulnerability in the command-line interface CLI parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service DoS condition or potentially execute code...
Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability (Cisco-SA-20150701-CVE-2015-4237)
A vulnerability in the Command Line Interface CLI parser of Cisco Nexus Operating System NX-OS devices could allow an authenticated, local attacker to perform a privilege escalation. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and...
CVE-2015-4237
The CLI parser in Cisco NX-OS 4.12E11, 6.211b, 6.212, 7.20ZZ99.1, 7.20ZZ99.3, and 9.11SV13.1.8 on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and...
Design/Logic Flaw
The CLI parser in Cisco NX-OS 4.12E11, 6.211b, 6.212, 7.20ZZ99.1, 7.20ZZ99.3, and 9.11SV13.1.8 on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and...
CVE-2015-4237
CVE-2015-4237 affects Cisco NX-OS on Nexus switches (NX-OS versions listed in the Cisco/NVD entries). The vulnerability is in the CLI parser where improper validation of special characters in filenames allows an authenticated, local attacker to run arbitrary OS commands, enabling local privilege ...
Cisco Nexus OS Device Command Line Interface Local Elevation of Privilege Vulnerability
Nexus is Cisco's line of network switches designed for data centers. A security vulnerability in the CLI parser of the Cisco Nexus Operating System NX-OS allows an authenticated, local attacker to gain elevated privileges by exploiting this vulnerability...
Cisco NX-OS Software Input Validation Vulnerability
A vulnerability in the command-line interface CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to create or overwrite files. The vulnerability is due to improper input filtering. An attacker could exploit this vulnerability by using a shell output redirection. A...