352 matches found
[ASA-201707-28] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201707-28 ========================================== Severity: Low Date : 2017-07-26 CVE-ID : CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11410 CVE-2017-11411 Package : wireshark-cli Type : denial of service Remote : Yes Link :...
CVE-2017-10603
An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15....
CVE-2017-6707
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core VPC Software could allow an authenticated, local attacker to break from the StarOS CLI of an...
CVE-2017-6718
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb99384. Known Affected Releases: 6.2.1.BASE. Known Fixed Releases: 6.2.11.3i.ROUT 6.2.1.29i.ROUT 6.2.1.26i.ROUT...
CVE-2017-6719
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges, aka Command Injection. More Information: CSCvb99406. Known Affected Releases: 6.2.1.BASE. Known Fixed Releases:...
Cisco IOS XR Software Local Command Injection Vulnerability
Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. Cisco IOS XR Software has a security vulnerability in the CLI implementation, where an authenticated local attacker can execute arbitrary commands with root privileges on the host...
Cisco Elastic Services Controller Default Administrator Credentials Vulnerability
Cisco Elastic Services Controller is a cloud and systems management solution. Cisco Elastic Services Controllers has a security vulnerability in the ConfD CLI implementation that stems from the presence of a default, weak, hard-coded password for the admin user on the affected system. A remote...
CVE-2017-6650
A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An...
Unauthorized Domain Creation
admin-cli is vulnerable to unauthorised domain creation. The vulnerability is possible since it does not verify the validity of admin's credentials before creation of domain...
Cisco Prime Network Analysis Module and Cisco Prime Virtual Network Analysis Module Local Command Injection Vulnerability
Cisco Prime Network Analysis Module and Cisco Prime Virtual Network Analysis Module are network analysis software used by network administrators to manage and configure the network's usage, operational status, and so on. A local command injection vulnerability exists in the CLI of Cisco Prime...
CloudBees Jenkins CI and LTS Split Response Vulnerability
CloudBees Jenkins CI is a set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . LTS is a long-term support for CloudBees Jenkins CI version . An HTTP...
Cisco Prime Collaboration CLI Command Execution Vulnerability
Cisco Prime Collaboration is a suite of enterprise collaboration network management solutions. A security vulnerability in the CLI of Cisco Prime Collaboration allows a local attacker to exploit the vulnerability to execute arbitrary operating system commands with root privileges...