16 results (0.007 seconds)

CVSS: 7.2EPSS: 7%CPEs: 127EXPL: 1

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges. Una vulnerabilidad en la función de interfaz de usuario web del software Cisco IOS XE podría permitir que un atacante remoto autenticado inyecte comandos con privilegios de root. • https://github.com/smokeintheshell/CVE-2023-20273 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z/cvrf/cisco-sa-iosxe-webui-privesc-j22SaA4z_cvrf.xml https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting https://www.horizon3.ai/cisco-ios-xe- • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.6EPSS: 0%CPEs: 182EXPL: 0

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper resource management when processing traffic that is received on the management interface. An attacker could exploit this vulnerability by sending a high rate of traffic to the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en el software Cisco IOS XE para los Switches Cisco Catalyst 3650 y Catalyst 3850 Series podría permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue inesperadamente, lo que resultaría en una condición de denegación de servicio (DoS). Esta vulnerabilidad se debe a una gestión inadecuada de los recursos al procesar el tráfico que se recibe en la interfaz de gestión. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cat3k-dos-ZZA4Gb3r • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 6.8EPSS: 0%CPEs: 621EXPL: 0

A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 4.6EPSS: 0%CPEs: 240EXPL: 0

A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password. Una vulnerabilidad en la función de des habilitación de la recuperación de contraseñas del software Cisco IOS XE ROM Monitor (ROMMON) para Cisco Catalyst Switches podría permitir a un atacante local no autenticado recuperar la configuración o restablecer la contraseña de habilitación. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •

CVSS: 8.6EPSS: 0%CPEs: 193EXPL: 0

A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation of IPv4 traffic. An attacker could exploit this vulnerability by sending a malformed packet out of an affected MPLS-enabled interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en la función de procesamiento de paquetes MPLS de salida del software Cisco IOS XE para los conmutadores de la familia Cisco Catalyst 3650, Catalyst 3850 y Catalyst 9000 podría permitir a un atacante remoto no autenticado causar una recarga inesperada del dispositivo afectado, resultando en una situación de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3 • CWE-130: Improper Handling of Length Parameter Inconsistency •