Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-20655

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-15 Nov, 2024 | 15:56
Updated At-15 Nov, 2024 | 21:00
Rejected At-
Credits

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:15 Nov, 2024 | 15:56
Updated At:15 Nov, 2024 | 21:00
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco IOS XR Software
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Virtual Topology System (VTS)
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Network Services Orchestrator
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Enterprise NFV Infrastructure Software
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Catalyst SD-WAN
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Catalyst SD-WAN Manager
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco IOS XE Catalyst SD-WAN
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco SD-WAN vEdge Router
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Ultra Gateway Platform
Versions
Affected
  • N/A
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Carrier Packet Transport
Versions
Affected
  • 3.5
  • 3.1
  • 3.2
  • 2.5
  • 2.0
  • 9.2.2
  • 1.4.0
  • 1.0
  • 1.1
  • 1.2
  • 2.1.0
  • 2.3.0
  • 2.3.3
  • 2.3.5
  • 2.3.4
  • 2.0.1
  • 2.0.0
  • 2.0.3
  • 2.0.4
  • 2.0.5
  • 2.4.0
  • 2.2.2
  • 2.2.3
  • 10.8.0
  • 7.0.3
  • 7.0.1
  • 1.0.2
  • 1.1.1
  • 1.1.2
  • 4.1
  • 4.0
  • 12.1.0
  • 9.8.1
  • 9.8.0
  • 4.1.82
  • 4.1.4
  • 4.6.1
  • 4.0.4
  • 4.0.3
  • 6.2.4
  • 3.0.5
  • 3.0.6
  • 3.0.7
  • 3.0.3
  • 3.0.0
  • 9.5.0
  • 9.5.3
  • 9.5.1
  • 9.5.2
  • 9.7.0
  • 9.521
  • 4.5.0
  • 4.7.0
  • 3.2.0
  • 3.2.1
  • 3.1.0
Problem Types
TypeCWE IDDescription
cweCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: cwe
CWE ID: CWE-78
Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cli-cmdinj-4MttWZPB
N/A
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confdcli-cmdinj-wybQDSSh
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cli-cmdinj-4MttWZPB
Resource: N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confdcli-cmdinj-wybQDSSh
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Cisco Systems, Inc.cisco
Product
ios_xr_software
CPEs
  • cpe:2.3:o:cisco:ios_xr_software:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 7.0.2 (custom)
  • From 7.1.0 before 7.1.1 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
virtual_topology_system
CPEs
  • cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 2.6.5 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
network_services_orchestrator
CPEs
  • cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 4.3.9.1 (custom)
  • From 4.4.0.0 before 4.4.5.6 (custom)
  • From 4.5.0 before 4.5.7 (custom)
  • From 4.6.0 before 4.6.1.7 (custom)
  • From 4.7.0 before 4.7.1 (custom)
  • From 5.1.0 before 5.1.0.1 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
enterprise_nfv_infrastructure_software
CPEs
  • cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 3.12.1 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
catalyst_sd-wan_manager
CPEs
  • cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 18.4.4 (custom)
  • From 19.2.0 before 19.2.1 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ios_xe_catalyst_sd-wan
CPEs
  • cpe:2.3:o:cisco:ios_xe_catalyst_sd-wan:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 16.10.2 (custom)
  • From 16.12.0 before 16.12.1b (custom)
  • From 17.2.0 before 17.2.1r (custom)
Vendor
Cisco Systems, Inc.cisco
Product
sd-wan_vedge_router
CPEs
  • cpe:2.3:a:cisco:sd-wan_vedge_router:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 18.4.4 (custom)
  • From 19.2.0 before 19.2.1 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
carrier_packet_transport
CPEs
  • cpe:2.3:a:cisco:carrier_packet_transport:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:15 Nov, 2024 | 16:15
Updated At:15 Apr, 2026 | 00:35

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-78Secondarypsirt@cisco.com
CWE ID: CWE-78
Type: Secondary
Source: psirt@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cli-cmdinj-4MttWZPBpsirt@cisco.com
N/A
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confdcli-cmdinj-wybQDSShpsirt@cisco.com
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cli-cmdinj-4MttWZPB
Source: psirt@cisco.com
Resource: N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confdcli-cmdinj-wybQDSSh
Source: psirt@cisco.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

356Records found
CVE-2023-20175
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.61%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:13
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-20040
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 16:31
Updated-12 Mar, 2026 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20138
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.25%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 16:12
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20398
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.24% / 46.61%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:38
Updated-03 Oct, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Local Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Softwareios_xr_software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20295
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.45% / 63.74%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 19:41
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Unified Computing System (Standalone)Cisco Unified Computing System E-Series Software (UCSE)unified_computing_system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20038
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.10%
||
7 Day CHG~0.00%
Published-19 Jan, 2023 | 01:34
Updated-28 Oct, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this vulnerability by gaining local access to the server Cisco Industrial Network Director is installed on. A successful exploit could allow the attacker to decrypt data allowing the attacker to access remote systems monitored by Cisco Industrial Network Director.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-industrial_network_directorCisco Industrial Network Director
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-3234
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.04%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:55
Updated-15 Nov, 2024 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials. The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through the device’s virtual console by using the static credentials. A successful exploit could allow the attacker to access the Linux shell of VDS as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios11201240829809Cisco IOS 12.2(60)EZ16
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-3115
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.10%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:31
Updated-15 Nov, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Local Privilege Escalation Vulnerability

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted file to the affected system. An exploit could allow the attacker to elevate privileges to root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100mvedge-5000vedge-100bvedge-2000sd-wan_firmwarevedge-100vedge-1000vedge_100wmCisco SD-WAN Solution
CWE ID-CWE-264
Not Available
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-20046
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.03% / 8.28%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 16:31
Updated-12 Mar, 2026 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker with a low-privileged account could exploit this vulnerability by using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on an affected device without authorization checks.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CVE-2024-20284
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.10%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-17 Oct, 2024 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2024-20285
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.10%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-22 Oct, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-653
Improper Isolation or Compartmentalization
CVE-2024-20286
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.10%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-22 Oct, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2024-20435
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.06%
||
7 Day CHG~0.00%
Published-17 Jul, 2024 | 16:27
Updated-08 Aug, 2025 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_web_appliance_virtual_s1000vsecure_web_appliance_virtual_s600vsecure_web_appliance_virtual_s300vasyncossecure_web_appliance_s196secure_web_appliance_s396secure_web_appliance_s696secure_web_appliance_virtual_s100vCisco Secure Web Appliancesecure_web_appliance
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2019-12675
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.2||HIGH
EPSS-0.03% / 9.25%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 19:06
Updated-20 Nov, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4145_firmwarefirepower_9300firepower_4150firepower_4110firepower_9300_firmwarefirepower_4125firepower_4125_firmwarefirepower_4140firepower_4115_firmwarefirepower_4150_firmwarefirepower_4120_firmwarefirepower_4145firepower_4120firepower_4140_firmwarefirepower_4110_firmwarefirepower_4115firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-216
DEPRECATED: Containment Errors (Container Errors)
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2018-0274
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.91% / 75.79%
||
7 Day CHG~0.00%
Published-07 Jun, 2018 | 12:00
Updated-29 Nov, 2024 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-network_services_orchestratorCisco Network Services Orchestrator unknown
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0324
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.20% / 42.12%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 03:00
Updated-29 Nov, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-network_functions_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0453
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.2||HIGH
EPSS-0.13% / 32.54%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco FireSIGHT System Software
CWE ID-CWE-264
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0221
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.36% / 57.95%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-02 Dec, 2024 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. The attacker needs valid administrator credentials for the device. The vulnerability is due to incomplete input validation of user input for certain CLI ISE configuration commands. An attacker could exploit this vulnerability by authenticating as an administrative user, issuing a specific CLI command, and entering crafted, malicious user input for the command parameters. An exploit could allow the attacker to perform command injection to the lower-level Linux operating system. It is also possible the attacker could cause the ISE user interface for this management session to hang or disconnect. Cisco Bug IDs: CSCvg95479.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0293
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.88% / 83.16%
||
7 Day CHG~0.00%
Published-20 Jun, 2018 | 21:00
Updated-29 Nov, 2024 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_56128pnexus_9332pqnexus_3132q-xnexus_93108tc-exnexus_3172tqnx-osnexus_9508nexus_3100-vnexus_3636c-rnexus_93120txnexus_n9k-x9636c-rnexus_93128txnexus_3548-xlnexus_31128pqnexus_6001pnexus_3164qnexus_5020nexus_3172tq-32tnexus_3132c-znexus_3524-xnexus_5548pnexus_5648qnexus_9272qnexus_5672upnexus_3264qnexus_34180ycnexus_3064-32tnexus_5596upnexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_5696qnexus_92304qcnexus_92160yc-xnexus_n9k-x9636q-rnexus_n9k-c9508-fm-rmds_9100nexus_9504nexus_3048nexus_3524-xlnexus_9396txnexus_7000nexus_3172pqnexus_3064-xnexus_3232cnexus_5548upnexus_9396pxnexus_5010nexus_5000nexus_5596tnexus_3264c-enexus_9372txnexus_5624qnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_93180yc-exnexus_6001tnexus_172tq-xlnexus_c36180yc-rnexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS unknown
CWE ID-CWE-264
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0217
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 40.18%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-02 Dec, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of commands that are supplied to certain configurations in the CLI of the affected operating system. An attacker could exploit this vulnerability by injecting crafted arguments into a vulnerable CLI command for an affected system. A successful exploit could allow the attacker to insert and execute arbitrary commands in the CLI of the affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvg29441.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_5700_firmwareasr_5500_firmwareasr_5000asr_5500asr_5000_firmwareasr_5700Cisco StarOS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0176
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.97%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. An attacker who has user EXEC mode (privilege level 1) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCtw85441, CSCus42252, CSCuv95370.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-264
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0307
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.22%
||
7 Day CHG~0.00%
Published-20 Jun, 2018 | 21:00
Updated-29 Nov, 2024 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker, authenticated as a privileged user, to execute arbitrary commands with root privileges. Note: On products that support multiple virtual device contexts (VDC), this vulnerability could allow an attacker to access files from any VDC. This vulnerability affects Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51704, CSCve91749, CSCve91768.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_56128pnexus_9332pqnexus_3132q-xnexus_93108tc-exnexus_3172tqnx-osnexus_9508nexus_3100-vnexus_3636c-rnexus_93120txnexus_n9k-x9636c-rnexus_93128txnexus_3548-xlnexus_31128pqnexus_6001pnexus_3164qnexus_5020nexus_3172tq-32tnexus_3132c-znexus_3524-xnexus_5548pnexus_5648qnexus_9272qnexus_5672upnexus_3264qnexus_34180ycnexus_3064-32tnexus_5596upnexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_5696qnexus_92304qcnexus_92160yc-xnexus_n9k-x9636q-rnexus_n9k-c9508-fm-rnexus_9504nexus_3048nexus_9500nexus_3524-xlnexus_9396txnexus_7000nexus_3172pqnexus_3064-xnexus_3232cnexus_5548upnexus_9396pxnexus_5010nexus_5000nexus_5596tnexus_3264c-enexus_9372txnexus_5624qnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_93180yc-exnexus_6001tnexus_172tq-xlnexus_c36180yc-rnexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS unknown
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0185
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.55%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0193
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.55%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0099
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.76% / 82.64%
||
7 Day CHG~0.00%
Published-18 Jan, 2018 | 06:00
Updated-02 Dec, 2024 | 21:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of GUI command arguments. An attacker could exploit this vulnerability by injecting crafted arguments into a vulnerable GUI command. An exploit could allow the attacker to execute commands on the underlying BusyBox operating system. These commands are run at the privilege level of the authenticated user. The attacker needs valid device credentials for this attack. Cisco Bug IDs: CSCvg74691.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-d9800_firmwared9800Cisco D9800 Network Transport Receiver
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0183
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.23%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit this vulnerability on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuv91356.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-264
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0424
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.83% / 74.61%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco RV110W, RV130W, and RV215W Routers Management Interface Command Injection Vulnerability

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input to scripts by the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv130w_firmwarerv215w_wireless-n_vpn_routerrv110w_firmwarerv130wrv110w_wireless-n_vpn_firewallrv215w_firmwareCisco RV130W Wireless-N Multifunction VPN Router Firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0330
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.31% / 54.52%
||
7 Day CHG~0.00%
Published-20 Jun, 2018 | 21:00
Updated-29 Nov, 2024 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_56128pnexus_9332pqnexus_3132q-xnexus_93108tc-exnexus_3172tqnx-osnexus_9508nexus_3100-vnexus_3636c-rnexus_93120txnexus_n9k-x9636c-rnexus_93128txnexus_3548-xlnexus_31128pqnexus_6001pnexus_3164qnexus_5020nexus_3172tq-32tnexus_3132c-znexus_3524-xnexus_5548pnexus_5648qmds_9000nexus_9272qnexus_5672upnexus_3264qnexus_34180ycnexus_3064-32tnexus_5596upnexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_5696qnexus_92304qcnexus_92160yc-xnexus_n9k-x9636q-rnexus_n9k-c9508-fm-rnexus_9504nexus_3048nexus_3524-xlnexus_9396txnexus_7000nexus_3172pqnexus_3064-xnexus_3232cnexus_5548upnexus_9396pxnexus_5010nexus_5000nexus_5596tnexus_3264c-enexus_9372txnexus_5624qnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_93180yc-exnexus_6001tnexus_172tq-xlnexus_c36180yc-rnexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS unknown
CWE ID-CWE-264
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0427
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-2.02% / 83.79%
||
7 Day CHG~0.00%
Published-15 Aug, 2018 | 20:00
Updated-26 Nov, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious packet. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Cisco Bug IDs: CSCvi42263.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-application_policy_infrastructure_controller_enterprise_moduleDigital Network Architecture (DNA) Center
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0306
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.22%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Note: This vulnerability requires that any feature license is uploaded to the device. The vulnerability does not require that the license be used. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51693, CSCve91634, CSCve91659, CSCve91663.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_56128pnexus_2232tm-e_10genexus_3132q-xnexus_3172tqnexus_9332pqnexus_2148tnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_3100-vnexus_93120txnexus_n9k-x9636c-rnexus_93128txmds_9506mds_9250inexus_3548-xlnexus_31128pqnexus_6001pnexus_3164qnexus_5020nexus_3172tq-32tnexus_2224tp_genexus_3524-xnexus_3132c-znexus_5548pnexus_5648qmds_9718nexus_9272qmds_9148smds_9513mds_9148tnexus_5672upmds_9132tnexus_3264qnexus_34180ycmds_9509mds_9706nexus_3064-32tnexus_5596upnexus_3548nexus_2248tp_genexus_3132qnexus_3016nexus_9372pxnexus_5696qnexus_92304qcnexus_92160yc-xnexus_n9k-x9636q-rnexus_n9k-c9508-fm-rmds_9148nexus_3048nexus_1110-xnexus_9504nexus_2232pp_10genexus_3524-xlnexus_9396txmds_9396tnexus_7000nexus_2248tp-emds_9396snexus_3172pqnexus_3064-xnexus_3232cnexus_5548upnexus_9396pxmds_9222inexus_5010nexus_5000nexus_2248pq_10genexus_1000vnexus_5596tnexus_3264c-enexus_1110-snexus_9372txnexus_5624qnexus_3548-xnexus_3132q-xlnexus_3064-tmds_9710nexus_2232tm_10genexus_93180yc-exnexus_6001tnexus_172tq-xlnexus_c36180yc-rnexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS unknown
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0122
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.12% / 31.51%
||
7 Day CHG~0.00%
Published-08 Feb, 2018 | 07:00
Updated-02 Dec, 2024 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-starosasr_5000asr_5500asr_5700Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0214
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 50.66%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-02 Dec, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with the privileges of the local user, aka Command Injection. These commands should have been restricted from this user. The vulnerability is due to insufficient input validation of CLI command user input. An attacker could exploit this vulnerability by authenticating to the targeted device and issuing a CLI command with crafted user input. A successful exploit could allow the attacker to execute arbitrary commands on the affected system that should be restricted. The attacker would need to have valid user credentials for the device. Cisco Bug IDs: CSCvf49844.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0182
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.55%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0169
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.97%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. An attacker who has user EXEC mode (privilege level 1) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCtw85441, CSCus42252, CSCuv95370.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosCisco IOS XE
CWE ID-CWE-264
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20050
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 29.41%
||
7 Day CHG~0.00%
Published-23 Feb, 2023 | 00:00
Updated-25 Oct, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_34200yc-smnexus_56128pnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_3100-vnexus_6000nexus_3524-x\/xlnexus_6004mds_9140nexus_3100-zmds_9506mds_9250inexus_3548-xlnexus_3016qnexus_3132q-vnexus_31128pqnexus_6001pmds_9200nexus_3164qnexus_3172tq-32tnexus_3524-xnexus_3132c-znexus_31108tc-vnexus_3172pq\/pq-xlnexus_5548pnexus_5648qnexus_3172mds_9718mds_9000nexus_3464cmds_9700mds_9148smds_9513nexus_36180yc-rmds_9148tnexus_5500nexus_5672upmds_9132tnexus_1000_virtual_edgenexus_3264qnexus_3432d-snexus_7004nexus_34180ycnexus_9000vmds_9509nexus_31108pc-vmds_9706nexus_3064-32tnexus_5596upnexus_7009nexus_3524mds_9216nexus_3100vnexus_3548mds_9500nexus_3132qnexus_3548-x\/xlnexus_3016mds_9216anexus_7018nexus_5696qnexus_7710nexus_3064xnexus_3100nexus_9000mds_9100mds_9148nexus_3048nexus_31108pv-vnexus_6001nexus_3064tnexus_3524-xlmds_9396tnexus_3232c_nexus_7000nexus_7010mds_9396snexus_3064nexus_7706nexus_3172pqnexus_3064-xnexus_7718nexus_3500nexus_3232cnexus_5548upnexus_5600mds_9222inexus_1000vmds_9216inexus_5596tnexus_7702nexus_3264c-enexus_3132q-x\/3132q-xlnexus_5624qnexus_3548-xnexus_6004xnexus_3132q-xlnexus_3064-tmds_9710nexus_3172tq-xlnexus_6001tnexus_3408-snexus_3600mds_9134nexus_3172pq-xlnexus_7700nexus_5672up-16gnexus_3400Cisco NX-OS Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20013
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 24.67%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:01
Updated-21 Nov, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-intersight_private_virtual_applianceCisco Intersight Virtual Appliance
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-20193
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-07 Sep, 2023 | 19:29
Updated-23 Oct, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-20152
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG-0.10%
Published-05 Apr, 2023 | 00:00
Updated-06 Nov, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20231
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.64% / 70.50%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:19
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9300l-48t-4g-ecatalyst_9300l-48p-4g-ecatalyst_9105axwcatalyst_9500hcatalyst_9300l-24t-4g-acatalyst_9300l-24t-4x-acatalyst_9130axecatalyst_9300l_stackcatalyst_9300l-24t-4x-ecatalyst_9300-48un-ecatalyst_9800-l-ccatalyst_9300-48p-acatalyst_9300-24s-acatalyst_9300l-24p-4g-ecatalyst_9120axpcatalyst_9124axicatalyst_9300l-48t-4x-acatalyst_9115axicatalyst_9105axcatalyst_9117axicatalyst_9800-lcatalyst_9300l-24p-4g-acatalyst_9115axcatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_9300lmcatalyst_9300-24p-acatalyst_9500catalyst_9117axcatalyst_9300-24t-ecatalyst_9300l-24t-4g-ecatalyst_9300-48s-ecatalyst_9300-24u-acatalyst_9800-clcatalyst_9300-48p-ecatalyst_9407rcatalyst_9300lcatalyst_9300-24u-ecatalyst_9300-48t-ecatalyst_9300l-48p-4g-acatalyst_9300xcatalyst_9300-48un-acatalyst_9120axecatalyst_9300l-48t-4g-acatalyst_9300-24p-ecatalyst_9300-48uxm-ecatalyst_9300-48t-acatalyst_9800-l-fcatalyst_9800-80catalyst_9300l-48t-4x-ecatalyst_9300l-48p-4x-ecatalyst_9400catalyst_9130axicatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-24s-ecatalyst_9300-48u-ecatalyst_9300-48u-acatalyst_9120axcatalyst_9124axdcatalyst_9300-48s-acatalyst_9105axicatalyst_9120axiios_xecatalyst_9115axecatalyst_9130axcatalyst_9300l-24p-4x-acatalyst_9300-24t-acatalyst_9410rcatalyst_9300catalyst_9124axcatalyst_9300-24ux-eCisco IOS XE Softwareios_xe_software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20023
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20163
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.49% / 65.52%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20082
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.19% / 40.88%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to errors that occur when retrieving the public release key that is used for image signature verification. An attacker could exploit this vulnerability by modifying specific variables in the Serial Peripheral Interface (SPI) flash memory of an affected device. A successful exploit could allow the attacker to execute persistent code on the underlying operating system. Note: In Cisco IOS XE Software releases 16.11.1 and later, the complexity of an attack using this vulnerability is high. However, an attacker with level-15 privileges could easily downgrade the Cisco IOS XE Software on a device to a release that would lower the attack complexity.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9300-24u-ecatalyst_9300-48t-ecatalyst_9300l-48t-4g-ecatalyst_9300l-48p-4g-acatalyst_9300l-48p-4g-ecatalyst_9300-48un-acatalyst_9300xcatalyst_9300l-24t-4g-acatalyst_9300l-48t-4g-acatalyst_9300l-24t-4x-acatalyst_9300l_stackcatalyst_9300l-24t-4x-ecatalyst_9300-48un-ecatalyst_9300-24p-ecatalyst_9300-48p-acatalyst_9300-24s-acatalyst_9300-48t-acatalyst_9300-48uxm-ecatalyst_9300l-24p-4g-ecatalyst_9300l-48t-4x-ecatalyst_9300l-48t-4x-acatalyst_9300l-48p-4x-ecatalyst_9300l-24p-4g-acatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300l-48p-4x-acatalyst_9300-24s-ecatalyst_9300-48u-ecatalyst_9300-24ux-acatalyst_9300lmcatalyst_9300-24p-acatalyst_9300-48u-acatalyst_9300-48s-acatalyst_9300-24t-ecatalyst_9300l-24t-4g-eios_xecatalyst_9300l-24p-4x-acatalyst_9300-24t-acatalyst_9300-48s-ecatalyst_9300catalyst_9300-24u-acatalyst_9300lcatalyst_9300-48p-ecatalyst_9300-24ux-eCisco IOS XE ROMMON Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20122
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.27% / 50.57%
||
7 Day CHG+0.05%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20273
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-92.38% / 99.73%
||
7 Day CHG~0.00%
Published-24 Oct, 2023 | 14:13
Updated-28 Oct, 2025 | 13:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-27||Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_3850-48f-ecatalyst_3850-48t-lcatalyst_3650-48fq-scatalyst_3650-48pd-scatalyst_3650-48ps-ecatalyst_3850-12x48ucatalyst_3650-12x48uz-ecatalyst_3850-48xs-f-scatalyst_3650-12x48uq-scatalyst_3850-24xu-ecatalyst_3850-48xs-f-ecatalyst_3850-nm-2-40gcatalyst_3650-8x24pd-scatalyst_3650-48fqm-scatalyst_3650-48ps-lcatalyst_3850-12xs-ecatalyst_3650-48fd-ecatalyst_3650-48ts-lcatalyst_3650-24ts-ecatalyst_3650-24pd-scatalyst_3650-24td-scatalyst_3650-12x48uz-lcatalyst_3650-48fqm-lcatalyst_3650-8x24uq-scatalyst_3650-48pd-ecatalyst_3650-24td-ecatalyst_3650-24pdcatalyst_3850-16xs-scatalyst_3850-24p-ecatalyst_3650catalyst_3650-48pd-lcatalyst_3850-24p-lcatalyst_3850-48t-scatalyst_3650-12x48uq-ecatalyst_3650-48td-lcatalyst_3850-48u-lcatalyst_3650-48tq-lcatalyst_3850-nm-8-10gcatalyst_3650-48fd-lcatalyst_3650-24ps-lcatalyst_3650-48fs-ecatalyst_3650-48tq-ecatalyst_3850-48f-scatalyst_3650-48pq-scatalyst_3850-48u-ecatalyst_3650-48td-ecatalyst_3650-12x48urcatalyst_3850-32xs-ecatalyst_3850-48p-scatalyst_3650-48td-scatalyst_3850-24pw-scatalyst_3850-24xucatalyst_3650-48fs-scatalyst_3650-12x48uq-lcatalyst_3850-48ucatalyst_3650-24pdm-scatalyst_3650-12x48ur-lcatalyst_3850-24xs-ecatalyst_3850-48xs-ecatalyst_3650-24td-lcatalyst_3650-24ps-ecatalyst_3850-24u-lcatalyst_3850-48u-scatalyst_3850-48xscatalyst_3850-32xs-scatalyst_3650-24pdm-lcatalyst_3850-24xu-scatalyst_3650-12x48fd-lcatalyst_3650-48fs-lcatalyst_3650-8x24uqcatalyst_3650-24pd-lcatalyst_3650-8x24uq-ecatalyst_3850-48p-lcatalyst_3650-48fq-lcatalyst_3650-48fq-ecatalyst_3650-12x48fd-scatalyst_3650-12x48uz-scatalyst_3650-24pd-ecatalyst_3650-24pdmcatalyst_3850-24t-lcatalyst_3850-48f-lcatalyst_3850-48pw-scatalyst_3850-48t-ecatalyst_3850-12s-scatalyst_3850-24xs-scatalyst_3850-24xscatalyst_3650-48tq-scatalyst_3650-24ps-scatalyst_3650-48fqcatalyst_3650-8x24pd-ecatalyst_3650-48pq-lcatalyst_3650-48ts-ecatalyst_3650-48fqmcatalyst_3850-24p-scatalyst_3850-24ucatalyst_3850-48p-ecatalyst_3650-12x48uqcatalyst_3850-48xs-scatalyst_3650-48ts-scatalyst_3850-12xs-scatalyst_3850-24t-ecatalyst_3850-24s-ecatalyst_3650-8x24pd-lcatalyst_3650-24pdm-ecatalyst_3650-24ts-lcatalyst_3650-48fqm-ecatalyst_3650-12x48fd-eios_xecatalyst_3850-24u-ecatalyst_3650-48pq-ecatalyst_3850-12s-ecatalyst_3650-24ts-scatalyst_3650-12x48uzcatalyst_3650-12x48ur-scatalyst_3650-48fd-scatalyst_3650-48ps-scatalyst_3850-16xs-ecatalyst_3850catalyst_3650-8x24uq-lcatalyst_3650-12x48ur-ecatalyst_3850-24u-scatalyst_3850-24t-scatalyst_3850-24s-scatalyst_3850-24xu-lCisco IOS XE SoftwareCisco IOS XE Web UI
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20164
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.49% / 65.52%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20015
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.15% / 35.22%
||
7 Day CHG~0.00%
Published-23 Feb, 2023 | 00:00
Updated-28 Oct, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ucs_6454_firmwareucs_6300firepower_4150ucs_6332-16upucs_6300_firmwareucs_64108firepower_4110ucs_6248upfirepower_4125ucs_6296up_firmwareucs_64108_firmwareucs_central_softwarefirepower_9300_sm-44_x_3firepower_9300_sm-40ucs_6324ucs_6248up_firmwareucs_6332_firmwarefirepower_4120firepower_4145firepower_9300_sm-56firepower_9300_sm-56_x_3ucs_6536ucs_6332firepower_9300_sm-44firepower_4100ucs_6296upfirepower_9300_sm-24ucs_6536_firmwarefirepower_9300_sm-36ucs_6200firepower_extensible_operating_systemfirepower_9300_sm-48ucs_6324_firmwarefirepower_4112firepower_4140ucs_6454ucs_6332-16up_firmwareucs_6200_firmwarefirepower_4115Cisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20219
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.45% / 63.59%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:08
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administrator privileges to exploit this vulnerability. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device including the underlying operating system which could also affect the availability of the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Management Centerfirepower_management_center
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-20075
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.09% / 25.99%
||
7 Day CHG-0.09%
Published-16 Feb, 2023 | 15:25
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-email_security_applianceCisco Secure Email
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20021
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20153
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG-0.10%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found