15 matches found
EUVD-2013-3371
Malware in sbrugna...
EUVD-2023-24288
Malicious code in bioql PyPI...
Cisco IOS Software Group Encrypted Transport VPN Out of Bounds Write (cisco-sa-getvpn-rce-g8qR68sx)
According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a...
Cisco IOS XE Software Group Encrypted Transport VPN Out of Bounds Write (cisco-sa-getvpn-rce-g8qR68sx)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control o...
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6....
CVE-2023-20109
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...
CVE-2023-20109
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...
CVE-2023-20109
CVE-2023-20109 affects Cisco IOS and IOS XE GET VPN. Root cause: insufficient validation of GDOI/G-IKEv2 attributes in GET VPN, enabling an authenticated admin on a group member or key server to execute arbitrary code or crash the device. Impact (as stated): full device control or reboot/DoS. Rem...
CVE-2023-20109
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...
Cisco IOS and IOS XE Software Cisco Group Encrypted Transport VPN Software Out-of-Bounds Write Vulnerability
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...
CVE-2023-20109
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...
Cisco IOS GET VPN Encryption Policy Bypass Vulnerability
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS could allow traffic to bypass the configured encryption policy. The vulnerability is due to the default, implicit policies set in place to permit Group Domain of Interpretation GDOI traffic to flow unencrypted...
Default configuration
The default configuration of the Group Encrypted Transport VPN GET VPN feature on Cisco IOS uses an improper mechanism for enabling Group Domain of Interpretation GDOI traffic flow, which allows remote attackers to bypass the encryption policy via certain uses of UDP port 848, aka Bug ID CSCui076...
CVE-2013-3436
The default configuration of the Group Encrypted Transport VPN GET VPN feature on Cisco IOS uses an improper mechanism for enabling Group Domain of Interpretation GDOI traffic flow, which allows remote attackers to bypass the encryption policy via certain uses of UDP port 848, aka Bug ID CSCui076...
Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability Advisory ID: cisco-sa-20100324-ipsec Revision 1.0 For Public Release 2010 March 24 1600 UTC GMT +--------------------------------------------------------------------- Summary ======= A...