4 matches found
CVE-2022-20655
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this...
Cisco SD-WAN Software Multiple Products CLI Command Injection (cisco-sa-cli-cmdinj-4MttWZPB)
According to its self-reported version, Cisco SD-WAN Software is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisory for more information. C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software
Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager RCM for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 CVSS scor...
Cisco IOS XE SD-WAN Software Multiple Products CLI Command Injection (cisco-sa-cli-cmdinj-4MttWZPB)
According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...