CVE-2024-20399 – Cisco NX-OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-20399
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root. Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. Una vulnerabilidad en la CLI del software Cisco NX-OS podría permitir que un atacante local autenticado ejecute comandos arbitrarios como root en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos que se pasan a comandos CLI de configuración específicos. • https://github.com/Blootus/CVE-2024-20399-Cisco-RCE https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP https://www.sygnia.co/threat-reports-and-advisories/china-nexus-threat-group-velvet-ant-exploits-cisco-0-day • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2021-34714 – Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34714
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ • CWE-20: Improper Input Validation •
CVE-2019-1593 – Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-1593
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to the incorrect implementation of a Bash shell command that allows role-based access control (RBAC) to be bypassed. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Bash prompt. A successful exploit could allow the attacker to escalate their privilege level by executing commands that should be restricted to other roles. • http://www.securityfocus.com/bid/107324 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-bash-escal • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2019-1594 – Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1594
A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN (EAPOL) frames. An attacker could exploit this vulnerability by sending a crafted EAPOL frame to an interface on the targeted device. A successful exploit could allow the attacker to cause the Layer 2 (L2) forwarding process to restart multiple times, leading to a system-level restart of the device and a DoS condition. Note: This vulnerability affects only NX-OS devices configured with 802.1X functionality. • http://www.securityfocus.com/bid/107325 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-lan-auth • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •