CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2018/06/21 11:29 a.m.•11 views

Buffer overflow

A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could...

7.2CVSS8AI score0.00431EPSS

Exploits0References1Affected Software2

Prion•added 2018/06/21 11:29 a.m.•17 views

Design/Logic Flaw

A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol SNMP MIB for Cisco NX-OS in standalone NX-OS mode on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affecte...

6.8CVSS7.6AI score0.02048EPSS

Prion•added 2018/06/21 11:29 a.m.•19 views

Input validation

A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device. The vulnerability exists because the affected software lacks proper input and validation checks for certain file...

7.2CVSS7.8AI score0.00314EPSS

Exploits0References1Affected Software1

NVD•added 2018/06/21 11:29 a.m.•17 views

CVE-2018-0306

A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by...

7.8CVSS7.9AI score0.00564EPSS

NVD•added 2018/06/21 11:29 a.m.•22 views

CVE-2018-0309

7.7CVSS7.7AI score0.02048EPSS

NVD•added 2018/06/21 11:29 a.m.•22 views

CVE-2018-0302

7.8CVSS7.9AI score0.00431EPSS

Cvelist•added 2018/06/21 11:0 a.m.•21 views

CVE-2018-0309

7.7AI score0.02048EPSS

CVE•added 2018/06/21 11:0 a.m.•61 views

CVE-2018-0306

CVE-2018-0306 describes an input-validation flaw in the CLI parser of Cisco NX-OS Software that enables an authenticated, local attacker to perform command-injection and execute arbitrary root-level commands. Affected products include MDS 9000 switches, Nexus series (1000V, 1100, 2000, 3000, 3500...

7.8CVSS7.8AI score0.00564EPSS

Cvelist•added 2018/06/21 11:0 a.m.•25 views

CVE-2018-0302

7.9AI score0.00431EPSS

CNVD•added 2018/06/21 12:0 a.m.•3 views

Ubiquiti Networks EdgeSwitch Code Execution Vulnerability

The Ubiquiti EdgeSwitch is a Gigabit network switch device from Ubiquiti Networks, Inc. A security vulnerability exists in Ubiquiti EdgeSwitch 1.7.3 and earlier versions, which stems from the program's lack of protection for the admin CLI. The vulnerability can be exploited by an attacker to...

9CVSS7.2AI score0.0167EPSS

NVD•added 2018/06/20 9:29 p.m.•18 views

CVE-2018-0293

A vulnerability in role-based access control RBAC for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is d...

9CVSS8.9AI score0.0483EPSS

Exploits0References3

Vulnrichment•added 2018/06/20 9:0 p.m.•8 views

CVE-2018-0307

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting...

7.4AI score0.00564EPSS

Cvelist•added 2018/06/20 9:0 p.m.•20 views

CVE-2018-0293

8.9AI score0.0483EPSS

Exploits0References3

Vulnrichment•added 2018/06/20 9:0 p.m.•6 views

CVE-2018-0293

7.3AI score0.0483EPSS

Exploits0References3

CVE•added 2018/06/20 9:0 p.m.•53 views

CVE-2018-0293

CVE-2018-0293 affects Cisco NX-OS Software RBAC: a privilege-assignment flaw in CLI commands grants nonadministrative users the ability to run restricted commands on multiple Nexus/NX-OS platforms (MDS 9000, Nexus 2000/3000/3500/3600/5500/5600/6000/7000/7700 series, NX-OS standalone NX-OS mode, N...

9CVSS8.8AI score0.0483EPSS

Exploits0References3Affected Software1

CVE•added 2018/06/20 9:0 p.m.•71 views

CVE-2018-0307

CVE-2018-0307 is Cisco NX-OS CLI Arbitrary Command Injection due to insufficient input validation of CLI command arguments. An authenticated, local attacker could exploit this vulnerability to execute arbitrary commands with root privileges, potentially accessing files across VDC contexts. Affect...

7.8CVSS7.8AI score0.00564EPSS

Cvelist•added 2018/06/20 9:0 p.m.•19 views

CVE-2018-0307

7.8AI score0.00564EPSS

Cisco•added 2018/06/20 4:0 p.m.•103 views

Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability

A vulnerability in the process of uploading new application images to the Cisco Firepower 4100 Series Next-Generation Firewall NGFW and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an...

7.2CVSS1.4AI score0.07395EPSS

Cisco•added 2018/06/20 4:0 p.m.•62 views

Cisco NX-OS Software Role-Based Access Control Elevated Privileges Vulnerability

8.8CVSS2.7AI score0.0483EPSS