3 matches found
CVE-2020-3396
The CVE-2020-3396 issue affects Cisco IOS XE Software IOx Guest Shell running on pluggable USB 3.0 SSDs. The root cause is that USB SSD control data is not stored on the device’s internal boot flash, enabling a physical attacker to remove the USB drive, alter or delete files, then reinsert it to ...
Cisco IOS XE Software IOx Guest Shell Namespace Protection Vulnerability (cisco-sa-20190925-iox-gs)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the filesystem which allows an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient fil...
CVE-2019-12670
A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exploit this...