CVSS: 8.8EPSS: 0%CPEs: 679EXPL: 0CVE-2020-3217 – Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3217
03 Jun 2020 — A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient length restrictions when the onePK Topology Discovery Service parses Cisco Discovery Protocol messages. An attacker could exploit this vulnerability ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 224EXPL: 0CVE-2020-3215 – Cisco IOS XE Software Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3215
03 Jun 2020 — A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An attacker could exploit this vulnerability by installing a malicious OVA on an affected device. Una vulnerabilidad en el Virtual Services Container de Cisco IOS XE Software, podría permitir a un atacante local autenticado conseguir priv... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc1-OKMKFRhV • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 314EXPL: 0CVE-2020-3209 – Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3209
03 Jun 2020 — A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability is due to an improper check on the area of code that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful expl... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-digsig-bypass-FYQ3bmVq • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.2EPSS: 0%CPEs: 1283EXPL: 0CVE-2020-3204 – Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3204
03 Jun 2020 — A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the att... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-ace-C9KuVKmm • CWE-20: Improper Input Validation •
CVSS: 6.0EPSS: 0%CPEs: 1917EXPL: 0CVE-2020-3201 – Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3201
03 Jun 2020 — A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by executing crafted Tcl arguments on an affected device. An exploit could allow the attacker to cause the affect... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-dos-MAZQUnMF • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-4661
https://notcve.org/view.php?id=CVE-2011-4661
12 Feb 2020 — A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. Se presenta una vulnerabilidad de pérdida de memoria en Cisco IOS versiones anteriores a 15.2(1)T, debido a una pérdida de memoria en el proceso de HTTP PROXY Server (también se conoce como CSCtu52820), cuando se configuró con Cisco ISR Web Security con Cisco ScanSafe y ... • https://www.cisco.com/c/en/us/td/docs/ios/15_2m_and_t/release/notes/15_2m_and_t/152-1TCAVS.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.6EPSS: 1%CPEs: 6EXPL: 0CVE-2019-12655 – Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12655
25 Sep 2019 — A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 211EXPL: 0CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
13 May 2019 — A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot har... • http://www.securityfocus.com/bid/108350 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVSS: 4.3EPSS: 0%CPEs: 1762EXPL: 0CVE-2019-1761 – Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability
https://notcve.org/view.php?id=CVE-2019-1761
28 Mar 2019 — A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device. Una vul... • http://www.securityfocus.com/bid/107620 • CWE-665: Improper Initialization •
CVSS: 5.9EPSS: 0%CPEs: 239EXPL: 0CVE-2019-1757 – Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability
https://notcve.org/view.php?id=CVE-2019-1757
28 Mar 2019 — A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidenti... • http://www.securityfocus.com/bid/107617 • CWE-295: Improper Certificate Validation •