CVE-2023-20049 – Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-20049
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-805: Buffer Access with Incorrect Length Value •
CVE-2023-20076 – Cisco IOx Application Hosting Environment Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-20076
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-233: Improper Handling of Parameters •
CVE-2022-20864 – Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-20864
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password. Una vulnerabilidad en la función de des habilitación de la recuperación de contraseñas del software Cisco IOS XE ROM Monitor (ROMMON) para Cisco Catalyst Switches podría permitir a un atacante local no autenticado recuperar la configuración o restablecer la contraseña de habilitación. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVE-2022-20837 – Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20837
A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a logic error that occurs when an affected device inspects certain TCP DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through the affected device that is performing NAT for DNS packets. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on the affected device. Note: This vulnerability can be exploited only by sending IPv4 TCP packets through an affected device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alg-dos-KU9Z8kFX • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2022-20920 – Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20920
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload. Una vulnerabilidad en la implementación de SSH del software Cisco IOS y del software Cisco IOS XE podría permitir que un atacante remoto autenticado causara la recarga de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-excpt-dos-FzOBQTnk • CWE-755: Improper Handling of Exceptional Conditions •