Page 10 of 53 results (0.003 seconds)

CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0

A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when the device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. The attacker must have a man-in-the-middle position between Cisco vManage and an associated device that is running an affected version of Cisco IOS XE SD-WAN Software. An exploit could allow the attacker to conduct a controllable buffer overflow attack (and possibly execute arbitrary commands as the root user) or cause a device reload, resulting in a denial of service (DoS) condition. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-buffover-CqdRWLc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.3EPSS: 0%CPEs: 26EXPL: 0

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0

A vulnerability in the vDaemon process of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en el proceso vDaemon del Software Cisco IOS XE SD-WAN, podría permitir a un atacante remoto no autenticado causar la recarga de un dispositivo, lo que resultará en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwdos-4zeEeC9w • CWE-20: Improper Input Validation •

CVSS: 7.2EPSS: 0%CPEs: 98EXPL: 0

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xbace-OnCEbyS • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 5.8EPSS: 0%CPEs: 23EXPL: 0

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network. Múltiples productos de Cisco están afectados por una vulnerabilidad en el motor de detección Snort que podría permitir a un atacante remoto no autenticado omitir las políticas de archivos configuradas sobre un sistema afectado. • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP https://www.debian.org/security/2023/dsa-5354 • CWE-668: Exposure of Resource to Wrong Sphere CWE-693: Protection Mechanism Failure •