7912 matches found
CVE-2014-2059
CVE-2014-2059 describes a directory traversal in Jenkins via the CLI CreateJobCommand (hudson/cli/CreateJobCommand.java). The vulnerability allows remote authenticated users to overwrite arbitrary files through the job name, affecting Jenkins before 1.551 and LTS before 1.532.2. Connected sources...
CVE-2014-0747
The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493...
CVE-2014-0741
The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461...
Code injection
The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464...
Design/Logic Flaw
The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461...
CVE-2014-0742
The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464...
CVE-2014-0747
CVE-2014-0747 affects Cisco Unified Communications Manager CAPF CLI. The vulnerability arises from insufficient input validation in the CAPF CLI, allowing an authenticated, local attacker to inject commands into the underlying operating system. Affected are Cisco Unified CM versions 10.0(1) and e...
CVE-2014-0741
CVE-2014-0741 affects Cisco Unified Communications Manager (Unified CM) via the CAPF certificate-import CLI. The root cause is insufficient input validation in the CAPF command-import flow, allowing an authenticated, local attacker to read or modify arbitrary files on ...
CVE-2014-0741
The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461...
CVE-2014-0742
CVE-2014-0742 concerns Cisco Unified Communications Manager (Unified CM) CAPF CSR management CLI. The CAPF CSR management feature contains insufficient input validation, allowing an authenticated, local attacker to read or write arbitrary files on the underlying OS via crafted CLI input (Bug ID C...
CVE-2014-0747
The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493...
Cisco Unified Communications Manager CAPF CLI Command Injection Vulnerability
A vulnerability in the Certificate Authority Proxy Function (CAPF) command-line interface (CLI) of Cisco Unified Communications Manager (Cisco Unified CM) could allow an authenticated, local attacker to inject commands into the underlying operating system. The vulnerability is due to insufficient input...
CVE-2014-0730
Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a local-mgmt context, aka Bug ID CSCul53128...
Hardcoded credentials
Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930...
CVE-2014-0709
Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930...
McAfee VirusScan Enterprise < 8.8 / 8.7 HF643440 CLI Local Privilege Escalation (SB10014)
The remote Windows host has a version of McAfee VirusScan Enterprise (VSE) prior to 8.8 or 8.7 Hot-Fix 643440. It is, therefore, reportedly affected by a CLI local privilege escalation vulnerability that could disable VSE and its connection to McAfee ePolicy Orchestrator (ePO). (C) Tenable Network...
Juniper Networks Junos OS Multiple Privilege Escalation Vulnerabilities in Junos CLI
Privilege escalation vulnerability through certain CLI commands. SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/o:juniper:junos"; ...
Juniper Junos CLI libc recomp() rpd DoS (JSA10612)
According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability in the regcomp implementation of the GNU C Library used in the command-line interpreter (CLI). An attacker can exploit this vulnerability to crash the RE by using a crafted...
Design/Logic Flaw
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows local users to gain...
Fedora 20 : php-5.5.7-1.fc20 (2013-23164)
12 Dec 2013, PHP 5.5.7. CLI server: - Added some MIME types to the CLI web server (Chris Jones) - Implemented FR #65917 (getallheaders() is not supported by the built-in web server) - also implements apache_response_headers() (Andrea Faulds). Core: - Fixed bug #66094 (unregister_tick_function tries to cast a...