Page 16 of 143 results (0.005 seconds)

CVSS: 7.2EPSS: 0%CPEs: 63EXPL: 1

Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges. • https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU • CWE-20: Improper Input Validation CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •

CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 1

A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the application packages loaded onto IOx. An attacker could exploit this vulnerability by creating a crafted application .tar file and loading it onto the device. A successful exploit could allow the attacker to perform command injection into the underlying operating system as the root user. Una vulnerabilidad en el entorno de alojamiento de aplicaciones Cisco IOx del Software Cisco IOS XE, podría permitir a un atacante remoto autenticado inyectar comandos en el sistema operativo subyacente como usuario root. • https://github.com/orangecertcc/security-research/security/advisories/GHSA-h332-fj6p-2232 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-cmdinj-RkSURGHG • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.2EPSS: 0%CPEs: 74EXPL: 0

A vulnerability in one of the diagnostic test CLI commands of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker would need to have valid user credentials at privilege level 15. This vulnerability exists because the affected software permits modification of the run-time memory of an affected device under specific circumstances. An attacker could exploit this vulnerability by authenticating to the affected device and issuing a specific diagnostic test command at the CLI. A successful exploit could trigger a logic error in the code that was designed to restrict run-time memory modifications. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-OFP-6Nezgn7b • CWE-123: Write-what-where Condition •

CVSS: 7.2EPSS: 0%CPEs: 134EXPL: 0

A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassing the consent token mechanism with the residual scripts on the affected device. A successful exploit could allow the attacker to escalate from privilege level 15 to root privilege. Una vulnerabilidad en el depurador dragonite del Software Cisco IOS XE, podría permitir a un atacante local autenticado escalar del nivel de privilegio 15 al privilegio de root. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc • CWE-489: Active Debug Code •

CVSS: 7.8EPSS: 0%CPEs: 214EXPL: 0

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device. Una vulnerabilidad en los permisos de comando de la CLI del Software Cisco IOS y Cisco IOS XE, podría permitir a un atacante local autenticado recuperar la contraseña para el Protocolo industrial común (CIP) y luego configurar remotamente el dispositivo como un usuario administrativo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68 • CWE-522: Insufficiently Protected Credentials •