CVE-2019-1835 Cisco Aironet Series Access Points Directory Traversal Vulnerability
A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanitization of user-supplied input in specific CLI commands. An attacker could exploit this vulnerabili...
CVE-2019-1835
CVE-2019-1835 : The Cisco Aironet Series Access Points CLI directory traversal vulnerability is confirmed by multiple sources. An authenticated, local attacker who gains admin CLI access can issue crafted commands that bypass input sanitization to traverse directories and view system files on aff...
CVE-2019-1829 Cisco Aironet Series Access Points Command Injection Vulnerability
A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due ...
CVE-2019-1829
CVE-2019-1829 is a vulnerability in the CLI of Cisco Aironet Series Access Points where an authenticated, local attacker with valid administrator credentials can abuse improper validation of input to certain CLI commands to gain access to the underlying Linux OS. Affected product: Cisco Aironet A...
CVE-2019-1805
CVE-2019-1805 describes an SSH access vulnerability in Cisco Wireless LAN Controller (WLC) software. The issue stems from improper input/validation checks in the SSH server, allowing an unauthenticated, adjacent attacker to gain access to a CLI instance on affected devices. Connected advisory doc...
CVE-2019-1725 Cisco UCS B-Series Blade Servers Local Management CLI Arbitrary File Creation or CLI Parameter Injection Vulnerability
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could inject CLI command parameters that should not be...
CVE-2019-1725
CVE-2019-1725 affects Cisco UCS B-Series Blade Servers. A vulnerability in the local management CLI allows an authenticated, local attacker to overwrite arbitrary files on disk or inject CLI parameters for a subset of commands due to insufficient input validation. The issue is specific to certain...
Design/Logic Flaw
A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the...
[SECURITY] Fedora 30 Update: group-service-1.1.0-5.fc30
Dbus Group management CLI tool...
CVE-2019-1003049
Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based...
CVE-2019-1003049
CVE-2019-1003049 affects Jenkins core where an incomplete fix for security advisory SECURITY-901 left remoting-based CLI authentication caches valid in Jenkins versions prior to 2.172 (and LTS prior to 2.164.2). Affected products/versions: Jenkins and LTS builds older than 2.172 and 2.164.2 respe...
Design/Logic Flaw
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows shell commands to be executed as the root user...
CVE-2019-5425
In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allows them to escalate privileges to root...