Lucene search
K

9 matches found

CVE
CVE
added 2021/12/10 12:0 a.m.6854 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2020/02/05 5:50 p.m.136 views

CVE-2020-3120

CVE-2020-3120 affects Cisco FXOS, IOS XR, and NX-OS CDP handling. A missing check when processing Cisco Discovery Protocol messages could let an unauthenticated, adjacent attacker cause a device reload and DoS by sending crafted CDP packets (Layer 2). Impact per sources is DoS via memory exhausti...

7.4CVSS6.5AI score0.02026EPSS
CVE
CVE
added 2018/06/21 11:0 a.m.73 views

CVE-2018-0331

The CVE-2018-0331 issue is a DoS in Cisco NX-OS FXOS/NX-OS/NCS/UCS Manager by failing to validate certain CDP fields in CDP messages. An unauthenticated, adjacent attacker can trigger a DoS that restarts affected devices. Affected products include Firepower 4100/NX-OS-based platforms, various Nex...

6.5CVSS6.4AI score0.0064EPSS
CVE
CVE
added 2023/02/23 12:0 a.m.71 views

CVE-2023-20016

CVE-2023-20016 affects Cisco UCS Manager Software and Cisco FXOS Software backups/export files. The root issue is a weakness in the backup encryption method using a static key, which could let an unauthenticated attacker with access to a backup decrypt sensitive data stored in full state and conf...

6.5CVSS6.3AI score0.0011EPSS
CVE
CVE
added 2020/02/26 4:50 p.m.70 views

CVE-2020-3171

The CVE-2020-3171 entry covers Cisco FXOS and Cisco UCS Manager Software Local Management CLI Command Injection caused by insufficient input validation in the local-mgmt CLI. An authenticated, local attacker can run arbitrary commands on the device’s underlying OS; on most platforms this occurs w...

7.8CVSS7.8AI score0.00484EPSS
CVE
CVE
added 2021/09/23 2:25 a.m.67 views

CVE-2021-34714

CVE-2021-34714 affects Cisco FXOS, IOS, IOS XE/XR, and NX-OS UDLD implementations. The root cause is improper input validation of UDLD packets, enabling an unauthenticated, adjacent attacker to trigger a device reload and DoS; on IOS XR the impact is limited to reloading the UDLD process. The vul...

7.4CVSS7.4AI score0.00376EPSS
CVE
CVE
added 2018/06/20 9:0 p.m.62 views

CVE-2018-0294

The CVE-2018-0294 issue is a local-authenticated vulnerability in Cisco FXOS/NX-OS write-erase handling. The affected software may fail to delete sensitive files when clearing device configuration and reloading, enabling an authenticated administrator to create an unauthorized admin account that ...

7.2CVSS6.6AI score0.00466EPSS
CVE
CVE
added 2017/10/19 8:0 a.m.60 views

CVE-2017-3883

CVE-2017-3883 affects Cisco FXOS and NX-OS System Software with AAA enabled. An unauthenticated remote attacker can brute-force login attempts, causing AAA processes to block keepalive messages; memory pressure can trigger AAA restart or device reload, leading to a denial of service. Affected pro...

8.6CVSS8.5AI score0.0445EPSS
CVE
CVE
added 2018/06/21 11:0 a.m.47 views

CVE-2018-0300

Cisco FXOS on the Firepower 4100 Series NGFW and Firepower 9300 Security Appliance is affected by a path traversal vulnerability in the application image upload flow. Insufficient validation during image upload allows an authenticated, remote attacker to create or overwrite arbitrary files on the...

9CVSS7.3AI score0.07395EPSS