Cisco NX-OS Directory Traversal Vulnerability

A vulnerability in the Command Line Interface CLI of the Cisco NX-OS Software could allow an authenticated, local attacker to delete arbitrary files on the device. The vulnerability is due to improper filtering of user input. An attacker could exploit this vulnerability by leveraging the filesys...

CVE-2012-4112

The Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330...

CVE-2012-4112

CVE-2012-4112 affects the Cisco UCS Baseboard Management Controller (BMC). A vulnerability in the BMC’s command-line interface (CLI) allows a locally authenticated attacker to inject arbitrary commands with elevated privileges due to improper filtering of user-supplied parameters. Exploitation re...

Cisco Unified Computing System Fabric Interconnect Arbitrary File Read Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to view arbitrary files on the underlying filesystem. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this...

Cisco Unified Computing System Fabric Interconnect Privilege Escalation Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to execute scripts with elevated privileges. The vulnerability occurs because all scripts are executed at the same privilege level. An attacker could exploit this...

Cisco NX-OS Local Write Redirection Vulnerability

A vulnerability in the command-line interface CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to create files in any location that they have access. The vulnerability is due to improper input filtering of file name input. An attacker could exploit this vulnerabilit...

CVE-2012-6598

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080...

CVE-2012-6591

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116...

Command injection

Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service management-server crash by using the command-line interface for a crafted command, aka Ref ID 35254...

Design/Logic Flaw

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896...

CVE-2012-6598

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080...

CVE-2012-6600

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502...

CVE-2012-6605

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896...

CVE-2012-6604

CVE-2012-6604 : Affected are Palo Alto Networks PAN-OS versions prior to 3.1.11 and 4.0.x prior to 4.0.9. The device-management CLI has a vulnerability that allows remote authenticated users to execute arbitrary code via unspecified vectors, potentially leading to full device compromise (root acc...

CVE-2012-6602

CVE-2012-6602 affects Palo Alto Networks PAN-OS before 3.1.10 and 4.x before 4.0.4. The device-management CLI allows remote authenticated users to inject arbitrary shell commands, enabling arbitrary command execution via the CLI. Root cause: command injection in the management interface. Impact a...

CVE-2012-6599

The CVE-2012-6599 entry concerns Palo Alto Networks PAN-OS command injection in the device-management CLI. Affected products are PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1, where an authenticated user can execute arbitrary shell commands via unspecified vectors. The vulnerability arises in ...

CVE-2012-6594

The CVE-2012-6594 issue affects Palo Alto Networks PAN-OS: PAN-OS versions prior to 3.1.11, 4.0.x prior to 4.0.8, and 4.1.x prior to 4.1.1 are vulnerable. The device-management CLI allows an authenticated, remote administrator to inject arbitrary shell commands via unspecified vectors. This can l...

CVE-2012-6591

Summary: CVE-2012-6591 affects Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5. The device-management CLI is vulnerable to command injection. Impact: remotely (via authenticated admin) execute arbitrary commands with potentially complete device compromise. Affected versions: PAN-OS...

CVE-2012-6605

CVE-2012-6605 affects Palo Alto Networks PAN-OS prior to 3.1.11 and 4.0.x prior to 4.0.9. The device-management CLI allows remote authenticated users to execute arbitrary code via unspecified vectors, potentially compromising the device (root). Affected versions require upgrading to PAN-OS 3.1.11...

CVE-2012-6598

Affected product : Palo Alto Networks PAN-OS 4.0.x (prior to 4.0.8). Vulnerability : device-management CLI allows authenticated remote users to execute arbitrary shell commands via unspecified vectors. Root cause / impact : command injection via the management interface could lead to arbitrary co...