12 matches found
CVE-2020-3204
A vulnerability in the Tool Command Language Tcl interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system OS with root privileges. The vulnerability is due...
CVE-2020-3201
A vulnerability in the Tool Command Language Tcl interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service DoS condition on an affected system. The vulnerability is due to insufficient inp...
CVE-2020-3204 Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability
A vulnerability in the Tool Command Language Tcl interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system OS with root privileges. The vulnerability is due...
Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers Privileged EXEC Mode Root Shell Access (cisco-sa-20180328-privesc3)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the CLI parser due to improperly sanitizing command arguments to prevent access to internal data structures on a device. An authenticated, local attacker with privileged EXEC mode privilege level 15...
Cisco IOS XE Software Privileged EXEC Mode Root Shell Access (cisco-sa-20180926-privesc)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the CLI parser due to the affected software improperly sanitizing command arguments to prevent modifications to the underlying Linux file system on a device. An authenticated, local attacker who has...
CVE-2018-0477
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, faili...
CVE-2018-0481
The CVE-2018-0481 issue is a vulnerability in the Cisco IOS XE Software CLI parser that allows a locally authenticated attacker with privileged EXEC access to inject and run arbitrary commands as root on the device’s Linux shell. Root cause: improper sanitization of CLI command arguments, allowin...
CVE-2018-0481 Cisco IOS XE Software Command Injection Vulnerabilities
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, faili...
CVE-2018-15368 Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
CVE-2018-15368 Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers Privileged EXEC Mode Root Shell Access Vulnerability
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...