211 matches found
CVE-2018-0477
The CVE-2018-0477 entry describes a local, command-injection vulnerability in the CLI parser of Cisco IOS XE Software. An authenticated attacker with Privilege Level 15 can exploit improper sanitization of CLI command arguments to access internal data structures and execute arbitrary root command...
CVE-2018-15368 Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
CVE-2018-15368 Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
CVE-2018-0481 Cisco IOS XE Software Command Injection Vulnerabilities
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, faili...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability (CNVD-2018-20299)
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from an affected application failing to properly filter...
Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
Cisco IOS XE Software Command Injection Vulnerabilities
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerabilities exist because the affected software improperly sanitizes command...
Cisco Enterprise NFV Infrastructure Software Secure Copy Protocol Server Input Validation Vulnerability
Cisco Enterprise NFV Infrastructure Software NFVIS is a suite of NVF infrastructure software platforms from the U.S.-based Cisco. The platform enables full lifecycle management of virtualization services through a central coordinator and controller. secure copy protocol SCP server is one of the...
Cisco Warns of Three Critical Bugs in Digital Network Architecture Platform
Cisco Systems patched three bugs on Wednesday that are rated critical, tied to its Digital Network Architecture DNA Center platform. Cisco also warned of four additional vulnerabilities – each rated high. All of the vulnerabilities have available patches for mitigation. All three of the critical...
CVE-2018-0279
A vulnerability in the Secure Copy Protocol SCP server of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of...
The vulnerability of the CLI analyzer in the Cisco IOS XE operating system allows a hacker to execute arbitrary commands.
The vulnerability of the Cisco IOS XE operating system’s CLI analyzer is related to deficiencies in access control. Exploiting this vulnerability allows a person with privileges at the EXEC mode level to gain access to the device’s Linux shell and execute arbitrary commands with root privileges...
Multiple vulnerabilities in the CLI analyzer of the Cisco IOS XE operating system, allowing attackers to execute arbitrary commands
The multiple vulnerabilities of the Cisco IOS XE operating system’s CLI analyzer are related to the failure to take measures to neutralize special elements used in the operating system’s commands. Exploiting these vulnerabilities can allow attackers to gain access to the device’s Linux shell and...
The vulnerability of the CLI analyzer in the Cisco IOS XE operating system allows a hacker to execute arbitrary commands.
The vulnerability of the Cisco IOS XE operating system’s CLI analyzer is related to deficiencies in access control. Exploiting this vulnerability allows a person with privileges at the EXEC mode level to gain access to the device’s Linux shell and execute arbitrary commands with root privileges...
Multiple vulnerabilities in the CLI analyzer of the Cisco IOS XE operating system, allowing attackers to execute arbitrary commands
The multiple vulnerabilities of the Cisco IOS XE operating system’s CLI analyzer are related to the failure to take measures to neutralize special elements used in the operating system’s commands. Exploiting these vulnerabilities can allow attackers to gain access to the device’s Linux shell and...
Cisco IOS XE Software CLI Parser OS Command Injection Vulnerability
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. The CLI parser in Cisco IOS XE Software is vulnerable to an operating system command injection vulnerability that arises from a program that fails to...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability (CNVD-2018-08180)
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from the program's failure to adequately filter command...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
Design/Logic Flaw
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...