Lucene search
K

75 matches found

NVD
NVD
added 2020/11/06 7:15 p.m.24 views

CVE-2020-3284

A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...

9.8CVSS8.7AI score0.02767EPSS
Exploits0References1
Prion
Prion
added 2020/11/06 7:15 p.m.27 views

Design/Logic Flaw

A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...

9.3CVSS9.5AI score0.02767EPSS
Exploits0References1Affected Software44
Cvelist
Cvelist
added 2020/11/06 6:16 p.m.28 views

CVE-2020-3284 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability

A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...

8.1CVSS9.6AI score0.02767EPSS
Exploits0References1
NVD
NVD
added 2020/09/24 6:15 p.m.29 views

CVE-2020-3524

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.9CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/09/24 5:51 p.m.26 views

CVE-2020-3524 Cisco IOS XE ROM Monitor Software Vulnerability

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

6.4CVSS6.5AI score0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/09/23 12:26 a.m.10 views

CVE-2019-1736 Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface UEFI Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improp...

6.2CVSS6.6AI score0.00247EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/06/05 12:0 a.m.114 views

Cisco IOS XE Software Digital Signature Verification Bypass (cisco-sa-iosxe-digsig-bypass-FYQ3bmVq)

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability due to an improper check on the area of code that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by...

7.2CVSS7.2AI score0.00268EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/06/07 12:0 a.m.29 views

Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability

According to its self-reported version, Cisco NX-OS Software isa ffected by a vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credential...

6.7CVSS6.5AI score0.00263EPSS
Exploits0References4
NVD
NVD
added 2019/06/04 7:29 p.m.28 views

CVE-2019-5300

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the...

6.7CVSS6.4AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/04 6:30 p.m.27 views

CVE-2019-5300

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the...

6.4AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2019/05/15 11:29 p.m.6 views

CVE-2019-1812

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...

6.7CVSS6.7AI score0.00334EPSS
Exploits0References2
Prion
Prion
added 2019/05/15 11:29 p.m.20 views

Design/Logic Flaw

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...

7.2CVSS6.5AI score0.00334EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/05/15 11:29 p.m.26 views

Design/Logic Flaw

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...

7.2CVSS6.5AI score0.00265EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/05/15 10:20 p.m.36 views

CVE-2019-1811 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...

6.7CVSS6.5AI score0.00265EPSS
Exploits0References2
CVE
CVE
added 2019/05/15 10:20 p.m.70 views

CVE-2019-1811

Cisco NX-OS has a local, authenticated vulnerability in the Image Signature Verification feature that can allow an administrator to install an unsigned software image due to signatures not being properly verified during CLI command execution. Affected product: Cisco NX-OS Software; the issue stem...

7.2CVSS6.5AI score0.00265EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2019/05/15 10:20 p.m.9 views

CVE-2019-1812 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...

6.7CVSS6.8AI score0.00334EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/05/15 10:15 p.m.25 views

CVE-2019-1810 Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The...

6.7CVSS6.5AI score0.00263EPSS
Exploits0References2
Cisco
Cisco
added 2019/05/15 4:0 p.m.63 views

Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The...

6.7CVSS2.4AI score0.00263EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/04/30 12:0 a.m.5 views

The vulnerability of the Software Image Management component of the system identification management service in Cisco Digital Network Architecture Center allows a attacker to gain access to internal services.

The vulnerability of the Software Image Management component of the Cisco Digital Network Architecture Center DNA Center’s identity management service is related to insufficient verification of data entered by users. Exploiting this vulnerability can allow a malicious actor, operating remotely, t...

8.5CVSS7.1AI score0.02644EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/04/18 2:29 a.m.16 views

CVE-2019-1841

A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...

8.1CVSS7AI score0.02644EPSS
Exploits0References2
Rows per page
Query Builder