2 matches found
Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability (cisco-sa-20190925-vman-cmd-injection)
According to its self-reported version, Cisco IOS XE Software is affected by command injection vulnerability. A local, authenticated attacker can exploit this to execute arbitrary code as root on the underlying system. Please see the included Cisco BIDs and Cisco Security Advisory for more...
CVE-2019-12661
CVE-2019-12661 : Cisco IOS XE Software’s Virtualization Manager (VMAN) CLI command is vulnerable to injection due to insufficient validation of arguments passed to a specific VMAN CLI command. An authenticated, local attacker with administrator privileges can exploit this to execute arbitrary com...