8014 matches found
CVE-2023-44178 Junos OS : Stack overflow vulnerability in CLI command processing
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low-privileged attacker to execute specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...
CVE-2023-44176
CVE-2023-44176 is a stack-based buffer overflow in the CLI command processing of Juniper Networks Junos OS. The vulnerability allows a low-privileged attacker to execute specific CLI commands, triggering a Denial of Service with repeated actions potentially sustaining it. Affected Junos OS versio...
CVE-2023-44176 Junos OS : Stack overflow vulnerability in CLI command processing
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low-privileged attacker to execute specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...
CVE-2023-44177 Junos OS and Junos OS Evolved: Stack overflow vulnerability in CLI command processing
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low-privileged attacker to execute specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This...
CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13
CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13. A patched version of the package is available...
AZL-34590 CVE-2023-39325 affecting package cf-cli for versions less than 8.7.3-2
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
Design/Logic Flaw
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system. Th...
CVE-2023-44187 Junos OS Evolved: 'file copy' CLI command can disclose password to shell users
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system. Th...
CVE-2023-44187
The CVE affects Juniper Junos OS Evolved: the 'file copy' CLI command can disclose passwords entered on the command line to a local attacker with shell access. Affected versions require upgrading to fixed releases: 20.4R3-S7-EVO or later; 21.1R1-EVO to 21.2R3-S5-EVO or later; 21.2R3-S5-EVO or lat...
PT-2023-6330 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.1R3-S10; Junos OS versions 19.2 prior to 19.2R3-S7; Junos OS versions 19.3 prior to 19.3R3-S8; Junos OS versions 19.4 prior to 19.4R3-S12; Junos OS versions 20.2 prior to 20.2R3-S8; Junos OS versions 20.4 prior to...
Dell SmartFabric Storage Software Access Control Error Vulnerability
Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. Dell SmartFabric Storage Software suffers from an Access Control Error vulnerability that stems from an incorrect access control vulnerability contained in the CLI. An attacker could exploit this...
CVE-2023-41679
An improper access control vulnerability CWE-284 in FortiManager management interface 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions may allow a remote and authenticated attacker with at least "device management" permission on his profile and...
Command injection
An improper neutralization of special elements used in an os command 'OS Command Injection' vulnerability CWE-78 in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.8, version 6.4.0 through 6.4.12 and version 6.2.0 through 6.2.11 may allow a local...
Command injection
An improper neutralization of special elements used in an OS command ('OS Command Injection') in FortiManager 7.4.0 and 7.2.0 through 7.2.3 may allow an attacker to execute unauthorized code or commands via FortiManager cli...
CVE-2023-42788
An improper neutralization of special elements used in an os command 'OS Command Injection' vulnerability CWE-78 in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.8, version 6.4.0 through 6.4.12 and version 6.2.0 through 6.2.11 may allow a local...