2 matches found
Cisco IOS XE Software Consent Token Bypass (cisco-sa-iosxe-ctbypass-7QHAfHkK)
According to its self-reported version, Cisco IOS XE Software is affected by a consent token bypass vulnerability. An authenticated, local attacker can exploit this via gaining shell access on an affected device and executing commands on the underlying operating system OS with root privileges...
CVE-2020-3404
Cisco IOS XE Software is affected by a consent token bypass in the persistent Telnet/SSH CLI, allowing an authenticated, local attacker to gain root shell access and execute OS commands. The root cause is insufficient enforcement of consent tokens when authorizing shell access. Affected details i...