7993 matches found
Input validation
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of...
Input validation
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
CVE-2019-12717 Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of...
CVE-2019-12717
CVE-2019-12717 affects Cisco NX-OS Software via a VMAN CLI command injection vulnerability. The root cause is insufficient validation of arguments passed to a specific VMAN CLI command, allowing an authenticated, local attacker (with administrator credentials) to run arbitrary commands on the und...
CVE-2019-12660 Cisco IOS XE Software ASIC Register Write Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...
CVE-2019-12660 Cisco IOS XE Software ASIC Register Write Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...
CVE-2019-12660
CVE-2019-12660 describes a vulnerability in the CLI of Cisco IOS XE Software where an authenticated, local attacker can write to the device’s memory due to improper input validation and command authorization. The attack could enable modification of the device configuration, leading to an insecure...
CVE-2019-12709 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
CVE-2019-12709
CVE-2019-12709 describes a privilege-escalation vulnerability in Cisco IOS XR Software for Cisco ASR 9000 Series (VMAN CLI). An authenticated, local attacker can exploit insufficient validation of VMAN CLI arguments to execute arbitrary commands on the underlying Linux OS with root privileges, po...
CVE-2019-12709 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
CVE-2019-12671
CVE-2019-12671 is Cisco IOS XE CLI consent-token bypass that allows an authenticated, local attacker to gain shell access and execute commands on the underlying OS by bypassing consent token enforcement. Affected software is Cisco IOS XE; root cause is insufficient enforcement of the consent toke...
CVE-2019-12661
CVE-2019-12661 : Cisco IOS XE Software’s Virtualization Manager (VMAN) CLI command is vulnerable to injection due to insufficient validation of arguments passed to a specific VMAN CLI command. An authenticated, local attacker with administrator privileges can exploit this to execute arbitrary com...
CVE-2019-12661 Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability
A vulnerability in a Virtualization Manager VMAN related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of...
CVE-2019-12661 Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability
A vulnerability in a Virtualization Manager VMAN related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of...
CVE-2019-12671 Cisco IOS XE Software Consent Token Bypass Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell...
Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
Cisco IOS XE Software ASIC Register Write Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...
Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability
A vulnerability in a Virtualization Manager VMAN related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of...
status-board-cli (>=1.1.0 <=2.0.51) potentially affected by CVE-2019-15478 via status-board (>=1.1.12 <=1.1.80)
status-board NPM version =1.1.12, =1.1.0, =2.0.51 Source cves: CVE-2019-15478 Source advisory: OSV:GHSA-6M4R-CGM3-6Q7Q...
status-board-cli (>=1.1.0 <=2.0.51) potentially affected by CVE-2019-15479 via status-board (>=1.1.12 <=1.1.80)
status-board NPM version =1.1.12, =1.1.0, =2.0.51 Source cves: CVE-2019-15479 Source advisory: OSV:GHSA-8864-RHMW-5M6F...