286 matches found
CVE-2017-12341
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...
CVE-2017-12336
A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient input validati...
CVE-2017-12335
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...
CVE-2017-12334
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation of command...
CVE-2017-12338
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...
CVE-2017-12331
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local attacker could exploit th...
CVE-2017-12334
Cisco NX-OS System Software CLI Command Injection vulnerability (CVE-2017-12334) affects multiple Cisco NX-OS platforms (e.g., Multilayer Director Switches, Nexus 2000/3000/3500/5000/5500/5600/6000/7000/7700/9000 series and UCS Manager). Root cause: insufficient input validation of CLI command ar...
CVE-2017-12332
CVE-2017-12332 affects Cisco NX-OS System Software on multiple Cisco Nexus series switches and UCS Manager. The issue stems from insufficient restrictions in the patch installation process, allowing an authenticated, local attacker with valid administrator credentials to install a crafted patch i...
CVE-2017-12332
A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...
CVE-2017-12243
A vulnerability in the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The...
Cisco Integrated Management Controller Remote Code Execution Vulnerability
According to its self-reported version, the Cisco Unified Computing System Management Software is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...
Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
According to its self-reported version, the Cisco Unified Computing System Management Software is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...
CLI Command Injection Vulnerability in Multiple Cisco Products
Cisco Unified Computing System UCS Manager provides unified and embedded management of all software and hardware components in Cisco UCS. the Cisco Firepower 4100 Series is a next-generation firewall. the Cisco Firepower 9300 is a scalable carrier-grade platform. A command injection vulnerability...
Local Command Execution Vulnerability in Multiple Cisco Products
Cisco Unified Computing System Manager is a set of embedded device management software.Cisco Firepower 9300 Security Appliance are Cisco security appliances.Cisco Firepower 9000 is an operating system running on the 9000 series firewall appliances from Cisco. Cisco Firepower 9000 is a Cisco...
CVE-2017-6600
A vulnerability in the CLI of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61351...
CVE-2017-6601
A vulnerability in the CLI of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61384...
CVE-2017-6602
A vulnerability in the CLI of Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189...
Command injection
A vulnerability in the CLI of Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189...
CVE-2017-6598
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege...
CVE-2017-6598
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege...