75 matches found
CVE-2020-3284
A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...
Design/Logic Flaw
A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...
CVE-2020-3284 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability
A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...
CVE-2020-3524
A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...
CVE-2020-3524 Cisco IOS XE ROM Monitor Software Vulnerability
A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...
CVE-2019-1736 Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface UEFI Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improp...
Cisco IOS XE Software Digital Signature Verification Bypass (cisco-sa-iosxe-digsig-bypass-FYQ3bmVq)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability due to an improper check on the area of code that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by...
Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability
According to its self-reported version, Cisco NX-OS Software isa ffected by a vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credential...
CVE-2019-5300
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the...
CVE-2019-5300
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the...
CVE-2019-1812
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
Design/Logic Flaw
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
Design/Logic Flaw
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
CVE-2019-1811 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
CVE-2019-1811
Cisco NX-OS has a local, authenticated vulnerability in the Image Signature Verification feature that can allow an administrator to install an unsigned software image due to signatures not being properly verified during CLI command execution. Affected product: Cisco NX-OS Software; the issue stem...
CVE-2019-1812 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
CVE-2019-1810 Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability
A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The...
Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability
A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The...
The vulnerability of the Software Image Management component of the system identification management service in Cisco Digital Network Architecture Center allows a attacker to gain access to internal services.
The vulnerability of the Software Image Management component of the Cisco Digital Network Architecture Center DNA Center’s identity management service is related to insufficient verification of data entered by users. Exploiting this vulnerability can allow a malicious actor, operating remotely, t...
CVE-2019-1841
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...