Lucene search
K
CiscoFirepower Extensible Operating System*

12 matches found

CVE
CVE
added 2022/02/23 5:40 p.m.153 views

CVE-2022-20625

CVE-2022-20625 affects Cisco FXOS and Cisco NX-OS Software via the Cisco Discovery Protocol service. The root cause is improper handling of Cisco Discovery Protocol messages, allowing an unauthenticated, adjacent attacker to restart the CDP service and cause a DoS, with rare cases potentially reb...

6.1CVSS5AI score0.03398EPSS
CVE
CVE
added 2020/02/26 4:51 p.m.107 views

CVE-2020-3166

CVE-2020-3166 : Cisco FXOS Software contains a CLI input validation flaw in the FXOS CLI command path that allows an authenticated, local attacker to read or write arbitrary files on the OS. The issue is triggered by crafted arguments to a specific CLI command, enabling partial to high impact on ...

6.7CVSS5.1AI score0.00285EPSS
CVE
CVE
added 2020/02/26 4:50 p.m.101 views

CVE-2020-3172

CVE-2020-3172 affects Cisco FXOS Software and Cisco NX-OS Software via the Cisco Discovery Protocol. Insufficient validation of CDP packet headers allows an unauthenticated, Layer-2 adjacent attacker to send a crafted CDP packet, causing a buffer overflow that could let the attacker execute arbit...

8.8CVSS9.4AI score0.02044EPSS
CVE
CVE
added 2020/02/26 4:51 p.m.81 views

CVE-2020-3167

CVE-2020-3167 covers a CLI command injection vulnerability in Cisco FXOS Software and Cisco UCS Manager Software. The issue stems from insufficient input validation in CLI commands, allowing an authenticated, local attacker to inject crafted arguments and execute arbitrary OS commands with the pr...

7.8CVSS7.8AI score0.00484EPSS
CVE
CVE
added 2019/03/07 8:0 p.m.78 views

CVE-2019-1598

CVE-2019-1598 describes multiple LDAP parsing vulnerabilities in Cisco FXOS/NX-OS that allow an unauthenticated attacker to trigger a device reload and DoS by sending a BER-formatted LDAP packet from a configured LDAP source. Affected products/families and pre-patch versions (Cisco FXOS: <2.0....

8.6CVSS8.1AI score0.02518EPSS
CVE
CVE
added 2019/05/16 5:0 p.m.75 views

CVE-2019-1780

CVE-2019-1780 is a Cisco FXOS/NX-OS command-injection vulnerability in the CLI caused by insufficient validation of arguments passed to certain CLI commands. An authenticated local attacker with administrator credentials can exploit this to execute arbitrary commands on the underlying operating s...

7.2CVSS5.7AI score0.00446EPSS
CVE
CVE
added 2019/11/05 7:15 p.m.72 views

CVE-2019-1734

CVE-2019-1734 affects Cisco FXOS and NX-OS Software. Root cause: incomplete RBAC verification in a CLI diagnostic command, allowing an authenticated, local attacker to arbitrarily read sensitive files with valid credentials. Impact: information disclosure; no exploitation details provided beyond ...

5.5CVSS5.4AI score0.00309EPSS
CVE
CVE
added 2019/05/15 8:15 p.m.71 views

CVE-2019-1795

Cisco FXOS Software and Cisco NX-OS Software are affected by CVE-2019-1795, a command-injection vulnerability in the CLI. The flaw stems from insufficient validation of arguments passed to a specific CLI command, allowing an authenticated, local attacker with valid administrator credentials to ru...

7.2CVSS6.7AI score0.00463EPSS
CVE
CVE
added 2019/03/07 7:0 p.m.70 views

CVE-2019-1597

CVE-2019-1597 describes multiple LDAP parsing flaws in Cisco FXOS/NX-OS that permit an unauthenticated, remote attacker to force a device reload and DoS by sending a BER-crafted LDAP packet from a configured LDAP server IP. Affected product families and versions include: Firepower 4100 series: &l...

8.6CVSS8.1AI score0.02518EPSS
CVE
CVE
added 2020/10/21 6:36 p.m.70 views

CVE-2020-3455

The CVE-2020-3455 entry applies to Cisco FXOS Software for Firepower 4100/9300 Series Appliances. Affected component is the secure boot process; root cause is insufficient protections that allow a local, authenticated attacker to bypass secure boot by injecting code into a file referenced during ...

7.8CVSS6.8AI score0.00344EPSS
CVE
CVE
added 2019/05/15 7:40 p.m.68 views

CVE-2019-1779

Cisco FXOS and NX-OS Software contain a command-injection vulnerability in the CLI due to insufficient validation of arguments for certain commands. An authenticated, local attacker with valid credentials could exploit this to execute arbitrary OS commands with elevated privileges on the affected...

7.2CVSS5.7AI score0.00446EPSS
CVE
CVE
added 2020/10/21 6:35 p.m.48 views

CVE-2020-3459

CVE-2020-3459 affects Cisco FXOS Software for Firepower 4100/9300 series. The issue stems from insufficient input validation in the CLI, allowing an authenticated, local attacker to submit crafted input that commands are executed with root privileges on the underlying OS. Impact is command inject...

7.8CVSS6.9AI score0.00376EPSS