22 matches found
CVE-2022-20944 Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability
A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the code function tha...
Cisco IOS XE Software Privilege Escalation (cisco-sa-XE-FSM-Yj8qJbJc)
According to its self-reported version, Cisco IOS-XE Software is affected by a software privilege escalation vulnerability. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassi...
Cisco IOS Software Privilege Escalation (cisco-sa-XE-FSM-Yj8qJbJc)
According to its self-reported version, Cisco IOS Software is affected by a software privilege escalation vulnerability. A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The...
CVE-2021-1391
A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker...
Privilege escalation
A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker...
CVE-2021-1391 Cisco IOS and IOS XE Software Privilege Escalation Vulnerability
A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker...
CVE-2021-1391 Cisco IOS and IOS XE Software Privilege Escalation Vulnerability
A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker...
Cisco IOS and IOS XE Software Privilege Escalation Vulnerability
A vulnerability in the dragonite debugger of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on t...
Cisco IOS XE Software Consent Token Bypass (cisco-sa-iosxe-ctbypass-7QHAfHkK)
According to its self-reported version, Cisco IOS XE Software is affected by a consent token bypass vulnerability. An authenticated, local attacker can exploit this via gaining shell access on an affected device and executing commands on the underlying operating system OS with root privileges...
Cisco IOS XE Consent Token Bypass Vulnerability (CNVD-2020-57581)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A consent token bypass vulnerability exists in the persistent Telnet/Secure Shell SSH CLI of Cisco IOS XE. The vulnerability stems from insufficient enforcement of consent tokens ...
CVE-2020-3404
A vulnerability in the persistent Telnet/Secure Shell SSH CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS with root privileges. The vulnerability is due to insufficient...
CVE-2020-3404 Cisco IOS XE Software Consent Token Bypass Vulnerability
A vulnerability in the persistent Telnet/Secure Shell SSH CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS with root privileges. The vulnerability is due to insufficient...
CVE-2020-3404 Cisco IOS XE Software Consent Token Bypass Vulnerability
A vulnerability in the persistent Telnet/Secure Shell SSH CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS with root privileges. The vulnerability is due to insufficient...
Cisco IOS XE Software Consent Token Bypass Vulnerability
A vulnerability in the persistent Telnet/Secure Shell SSH CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS with root privileges. The vulnerability is due to insufficient...
PT-2020-4426 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: The issue is related to errors in access control for the Telnet/Secure Shell SSH command-line interface of Cisco IOS XE Software. This could allow an authenticated, local...
Cisco IOS XE Software Consent Token Bypass Vulnerability (cisco-sa-20190925-iosxe-ctbypass)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability it the CLI. The source of the vulnerability is insufficient enforcement of the consent token in authorizing shell access. By authenticating to the CLI and requesting shell access, an attacker could use th...
Cisco IOS XE Consent Token Bypass Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A consent token bypass vulnerability exists in the CLI of Cisco IOS XE. The vulnerability stems from insufficient enforcement of consent tokens in authorized Shell access. An attacker could exploit this...
CVE-2019-12671
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell...
CVE-2019-12671 Cisco IOS XE Software Consent Token Bypass Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell...
CVE-2019-12671 Cisco IOS XE Software Consent Token Bypass Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell...