8022 matches found
CVE-2023-20153
Cisco Identity Services Engine (ISE) contains multiple command injection vulnerabilities in specific ISE CLI commands due to insufficient validation of user-supplied input. An authenticated local attacker with Administrator privileges can exploit crafted CLI commands to elevate privileges to root...
CVE-2023-20022
CVE-2023-20022 relates to multiple privilege-escalation vulnerabilities in Cisco Identity Services Engine (ISE) related to command injection via abused CLI commands. The issues arise from insufficient validation of user-supplied input and require an authenticated, local attacker with Administrato...
CVE-2023-20023
Cisco Identity Services Engine (ISE) CLI command vulnerability: multiple input validation issues allow an authenticated local attacker with Administrator privileges to inject commands and potentially gain root privileges. Affected product: ISE; root cause: insufficient validation of user-supplied...
CVE-2023-20152
Cisco Identity Services Engine (ISE) exposes multiple CLI command injection vulnerabilities. An authenticated local attacker with Administrator privileges can submit crafted CLI input due to insufficient validation, potentially elevating to root and compromising the underlying OS. The issue is do...
CVE-2023-20021
CVE-2023-20021 concerns multiple privilege-escalation vulnerabilities in Cisco Identity Services Engine (ISE) related to CLI command handling. The issues arise from insufficient validation of user-supplied CLI input, enabling an authenticated local attacker with Administrator privileges to perfor...
Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-152)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-152 advisory. ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file (CVE-2023-1161). Tenable has extracted the...
SUSE SLES12 Security Update : runc (SUSE-SU-2023:1726-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1726-1 advisory. - runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.11.34 bug fix and security update
Red Hat OpenShift Container Platform release 4.11.34 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...
CVE-2023-28642
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...
Design/Logic Flaw
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in the following conditions: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
CVE-2023-25809
CVE-2023-25809 affects runc (rootless and certain host configurations) where rootless runc can make /sys/fs/cgroup writable under two conditions: 1) inside a user namespace without unsharing cgroup namespace (e.g., docker/podman/nerdctl run --cgroupns=host), or 2) outside the user namespace with ...
CVE-2023-28642
Summary (concrete details): The CVE-2023-28642 issue affects the container runtime components, notably the runC tool. The root cause is an AppArmor bypass when a container’s /proc is symlinked under a specific mount configuration, enabling an attacker with local access to bypass confinement. The ...
CVE-2023-28642 AppArmor bypass with symlinked /proc in runc
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...
Security Bulletin: CLI access security issue on IBM SAN Volume Controller and Storwize Family (CVE-2014-0880)
Summary: CLI security issue. Vulnerability Details: CVEID: CVE-2014-0880. DESCRIPTION: An unauthorized user with network access to a...
Security Bulletin: Vulnerability in Apache Tomcat affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2016-3092)
Summary: A vulnerability in the Apache Tomcat component affects the product's management GUI. The CLI interface is unaffected. Vulnerability Details: CVEID: CVE-2016-3092. DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. ...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect SAN Volume Controller, Storwize family and FlashSystem V9000 products
Summary: Vulnerabilities in the OpenSSL component affect the management GUI of SAN Volume Controller, Storwize family and FlashSystem V9000 products. The CLI interface is unaffected. The CVEs are CVE-2016-2177, CVE-2016-2178, CVE-2016-2183, CVE-2016-6302, CVE-2016-6304 and CVE-2016-6306. Vulnerability...
Security Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family (CVE-2011-3389)
Summary: SSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the...
CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in the following conditions: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
A vulnerability in the command-line interface (CLI) of the Cisco NX-OS operating system for Cisco switches allows an attacker to execute arbitrary commands.
The vulnerability in the command-line interface (CLI) of the Cisco NX-OS operating system for Cisco switches exists because special elements used in the operating system’s commands are not neutralized. Exploiting this vulnerability allows an attacker to execute arbitrary command...