Iox Security Vulnerabilities and Issues — Iox CVE List

Lucene search

CiscoIox

9 matches found

CVE•added 2023/02/12 4:15 a.m.•410 views

CVE-2023-20076

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an ap...

8.8CVSS8.1AI score0.00545EPSS

CVE•added 2017/03/22 7:59 p.m.•47 views

CVE-2017-3851

A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device. The...

7.5CVSS7.5AI score0.0762EPSS

CVE•added 2017/03/22 7:59 p.m.•46 views

CVE-2017-3853

A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The v...

10CVSS9.9AI score0.01368EPSS

CVE•added 2017/01/26 7:59 a.m.•43 views

CVE-2017-3805

A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. Affected Products: This vulnerability affects Cisco IOS Software and Cis...

5.3CVSS5.2AI score0.00328EPSS

CVE•added 2020/06/03 6:15 p.m.•42 views

CVE-2020-3237

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction e...

6.3CVSS6.2AI score0.00046EPSS

CVE•added 2020/06/03 6:15 p.m.•38 views

CVE-2020-3238

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input valid...

8.1CVSS8.1AI score0.00407EPSS

CVE•added 2020/06/03 6:15 p.m.•37 views

CVE-2020-3233

A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based Local Manager interface of an affected device. The attacker must have v...

6.4CVSS5.5AI score0.00167EPSS

CVE•added 2017/03/22 7:59 p.m.•35 views

CVE-2017-3852

A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input...

8.1CVSS8AI score0.00789EPSS

CVE•added 2016/12/14 12:59 a.m.•34 views

CVE-2016-9199

A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More...

6.8CVSS6.3AI score0.00902EPSS