Design/Logic Flaw

A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive SSD for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. The vulnerability...

CVE-2020-3396

The CVE-2020-3396 issue affects Cisco IOS XE Software IOx Guest Shell running on pluggable USB 3.0 SSDs. The root cause is that USB SSD control data is not stored on the device’s internal boot flash, enabling a physical attacker to remove the USB drive, alter or delete files, then reinsert it to ...

CVE-2020-25039

Removed by vendor...

Cisco IOS XE Software IOx Guest Shell Namespace Protection Vulnerability (cisco-sa-20190925-iox-gs)

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the filesystem which allows an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient fil...

CVE-2019-12670

A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exploit this...

UBUNTU-CVE-2015-1318

The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace container...