Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.19 views

Cisco NX-OS Software DHCP Options Command Injection (CVE-2015-0658)

The DHCP implementation in the PowerOn Auto Provisioning POAP feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. This...

7.9CVSS5.9AI score0.01138EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/05/12 12:0 a.m.32 views

Cisco NX-OS Software DHCP Options Command Injection Vulnerability (Cisco-SA-20150327-CVE-2015-0658)

A vulnerability in DHCP code used with PowerOn Auto Provisioning POAP of Cisco NX-OS could allow an unauthenticated, adjacent attacker to inject arbitrary commands into the Cisco NX-OS device. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced...

7.9CVSS7.1AI score0.01138EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/04/27 12:0 a.m.55 views

Cisco NX-OS DHCP POAP Command Injection Vulnerability

The remote Cisco device is running a version of NX-OS software that is affected by a command injection vulnerability due to the PowerOn Auto Provisioning POAP feature not properly validating the DHCP options returned by POAP. An attacker on an adjacent network, using crafted DHCP packets, can...

7.9CVSS6.1AI score0.01138EPSS
Exploits0References2
CVE
CVE
added 2015/03/28 1:0 a.m.53 views

CVE-2015-0658

Cisco NX-OS POAP DHCP Options Command Injection (CVE-2015-0658). The POAP DHCP initialization validation is insufficient, allowing an adjacent attacker to send crafted DHCP packets and execute arbitrary commands as root on the affected device. Impact is remote code execution with root privileges ...

7.9CVSS7.6AI score0.01138EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder