CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25526
https://notcve.org/view.php?id=CVE-2023-25526
20 Sep 2023 — NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet. A successful exploit may lead to denial of service. NVIDIA Cumulus Linux contiene una vulnerabilidad en neighmgrd y nlmanager donde un atacante en una red adyacente puede causar una excepción no detectada al inyectar un paquete manipulado. Un exploit exitoso puede llevar a la Denegación de Servicio. • https://nvidia.custhelp.com/app/answers/detail/a_id/5480 • CWE-248: Uncaught Exception •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25525
https://notcve.org/view.php?id=CVE-2023-25525
20 Sep 2023 — NVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIPv6 set to the link-local address of the SVI interface may be incorrectly forwarded. A successful exploit may lead to information disclosure. NVIDIA Cumulus Linux contiene una vulnerabilidad en el reenvío donde un paquete IPv6 encapsulado en VxLAN recibido en una interfaz SVI con DMAC/DIPv6 configurado en la dirección de enlace local de la interfaz SVI puede reenviarse ... • https://nvidia.custhelp.com/app/answers/detail/a_id/5480 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-15865
https://notcve.org/view.php?id=CVE-2017-15865
08 Nov 2017 — bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492). bgpd en FRRouting (FRR) en versiones anteriores a la 2.0.2 y versiones 3.x anteriores a la 3.0.2, tal y como se usa en Cumulus Linux en versiones an... • http://www.securityfocus.com/bid/101794 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-5699 – Cumulus Linux 2.5.3 Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5699
18 Aug 2015 — The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label. Switch Configuration Tools Backend (clcmd_server) en Cumulus Linux en versiones 2.5.3 y anteriores permite que usuarios locales ejecuten comandos arbitrarios mediante metacaracteres shell en una etiqueta de comando cl-rctl. • https://packetstorm.news/files/id/133244 • CWE-264: Permissions, Privileges, and Access Controls •