Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-20166

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-18 May, 2023 | 00:00
Updated At-28 Oct, 2024 | 16:29
Rejected At-
Credits

Cisco Identity Services Engine Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:18 May, 2023 | 00:00
Updated At:28 Oct, 2024 | 16:29
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco Identity Services Engine Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Identity Services Engine Software
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-24CWE-24
Type: CWE
CWE ID: CWE-24
Description: CWE-24
Metrics
VersionBase scoreBase severityVector
3.16.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-ZTUgMYhu
vendor-advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-ZTUgMYhu
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-ZTUgMYhu
vendor-advisory
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-ZTUgMYhu
Resource:
vendor-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:18 May, 2023 | 03:15
Updated At:07 Nov, 2023 | 04:06

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>identity_services_engine>>3.2
cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>identity_services_engine>>3.2
cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primarynvd@nist.gov
CWE-24Secondaryykramarz@cisco.com
CWE ID: CWE-22
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-24
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-ZTUgMYhuykramarz@cisco.com
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-ZTUgMYhu
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

354Records found
CVE-2023-20167
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.19% / 41.41%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-24
Path Traversal: '../filedir'
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-20277
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-3.4||LOW
EPSS-0.02% / 2.93%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 16:18
Updated-22 Jul, 2025 | 13:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Unified Contact Center Express Path Traversal Vulnerability

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper limitation of a pathname to a restricted directory (path traversal). An attacker could exploit this vulnerability by sending a crafted web request to an affected device, followed by a specific command through an SSH session. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_contact_center_expressCisco Unified Contact Center Express
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-20727
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 61.27%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:20
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOx Application Hosting Environment Vulnerabilities

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosic3000_industrial_compute_gatewaycgr1000_compute_moduleir510_operating_systemCisco IOS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-20677
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 37.44%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:16
Updated-06 Nov, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOx Application Hosting Environment Vulnerabilities

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-820188008101-32hcatalyst_3850catalyst_3650catalyst_9200asr_90101100-6g_integrated_services_routercatalyst_ie3400catalyst_ie9300catalyst_9500h1160_integrated_services_router8202catalyst_9600asr_1002-hxasr_9902ioscatalyst_cg418-easr_9006catalyst_8200catalyst_ie3200catalyst_9800-801109_integrated_services_routercatalyst_9400catalyst_8300111x_integrated_services_routerasr_9000v-v21120_integrated_services_routercatalyst_8500asr_1006-xcatalyst_9800-l1100-4g_integrated_services_router1111x_integrated_services_router8201-32fhasr_900asr_9903catalyst_9800-40catalyst_9800catalyst_8500lcatalyst_9500cloud_services_router_1000v8101-32fhasr_9001catalyst_ess93004221_integrated_services_routerasr_9910asr_9906esr6300asr_9904asr_9912asr_9922catalyst_9300catalyst_9800-clasr_1001-xcatalyst_cg522-eesr33001101_integrated_services_routercatalyst_ie33008102-64h1131_integrated_services_routerasr_1009-xasr_9901Cisco IOS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2022-20776
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.20% / 41.95%
||
7 Day CHG+0.01%
Published-26 Oct, 2022 | 14:01
Updated-25 Oct, 2024 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-roomostelepresence_collaboration_endpointCisco RoomOS Software
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-1952
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.65%
||
7 Day CHG~0.00%
Published-08 Aug, 2019 | 07:25
Updated-20 Nov, 2024 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to overwrite or read arbitrary files. The attacker would need valid administrator privilege-level credentials. This vulnerability is due to improper input validation of CLI command arguments. An attacker could exploit this vulnerability by using directory traversal techniques when executing a vulnerable command. A successful exploit could allow the attacker to overwrite or read arbitrary files on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_function_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-20
Improper Input Validation
CVE-2019-12666
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.36%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 20:16
Updated-20 Nov, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Path Traversal Vulnerability

A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to incomplete validation of certain commands. An attacker could exploit this vulnerability by first accessing the Guest Shell and then entering specific commands. A successful exploit could allow the attacker to execute arbitrary code on the base Linux operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software 16.4.1
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-3236
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.38%
||
7 Day CHG~0.00%
Published-18 Jun, 2020 | 02:21
Updated-15 Nov, 2024 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative credentials. This vulnerability is due to improper input validation of CLI command arguments. An attacker could exploit this vulnerability by using path traversal techniques when executing a vulnerable command. A successful exploit could allow the attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_function_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-20260
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.72%
||
7 Day CHG~0.00%
Published-17 Jan, 2024 | 16:57
Updated-13 Nov, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-prime_infrastructureevolved_programmable_network_managerCisco Prime InfrastructureCisco Evolved Programmable Network Manager (EPNM)
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2023-20153
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.88%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20193
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 6.00%
||
7 Day CHG~0.00%
Published-07 Sep, 2023 | 19:29
Updated-23 Oct, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-20121
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.07% / 22.16%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineprime_infrastructureevolved_programmable_network_managerCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20023
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.88%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20043
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 16.82%
||
7 Day CHG~0.00%
Published-19 Jan, 2023 | 01:36
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker to take complete control of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-cx_cloud_agentCisco CX Cloud Agent
CWE ID-CWE-708
Incorrect Ownership Assignment
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-20015
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 7.70%
||
7 Day CHG~0.00%
Published-23 Feb, 2023 | 00:00
Updated-28 Oct, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ucs_6454_firmwareucs_6300firepower_4150ucs_6332-16upucs_6300_firmwareucs_64108firepower_4110ucs_6248upfirepower_4125ucs_6296up_firmwareucs_64108_firmwareucs_central_softwarefirepower_9300_sm-44_x_3firepower_9300_sm-40ucs_6324ucs_6248up_firmwareucs_6332_firmwarefirepower_4120firepower_4145firepower_9300_sm-56firepower_9300_sm-56_x_3ucs_6536ucs_6332firepower_9300_sm-44firepower_4100ucs_6296upfirepower_9300_sm-24ucs_6536_firmwarefirepower_9300_sm-36ucs_6200firepower_extensible_operating_systemfirepower_9300_sm-48ucs_6324_firmwarefirepower_4112firepower_4140ucs_6454ucs_6332-16up_firmwareucs_6200_firmwarefirepower_4115Cisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20122
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 19.50%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20170
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 7.76%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:12
Updated-23 Oct, 2024 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20152
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.88%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-06 Nov, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20097
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 15.02%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-25 Oct, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Access Point Software Command Injection Vulnerability

A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1562icatalyst_iw6300catalyst_9124aironet_1560catalyst_iw6300_dcwcatalyst_iw6300_acaironet_3800ecatalyst_9105axwaironet_1810wesw6300catalyst_9120axeaironet_1815tcatalyst_9130axecatalyst_9130_apaironet_1800catalyst_iw6300_dcaironet_1562eaironet_2800iaironet_1542iaironet_3800pcatalyst_9117catalyst_9120axpwireless_lan_controller_softwareaironet_1815catalyst_9115aironet_1540catalyst_9100catalyst_9115axiaironet_1815icatalyst_9105axaironet_1815waironet_4800catalyst_9117axiaironet_2800catalyst_9120_apaironet_1542dcatalyst_9130catalyst_9130axiaironet_3800catalyst_9115axaironet_access_point_softwareaironet_1800icatalyst_9120aironet_1562dcatalyst_9120axcatalyst_9124axdcatalyst_9105axicatalyst_9120axicatalyst_9117axaironet_3800iios_xecatalyst_9115axecatalyst_9130axcatalyst_9124axicatalyst_9117_apaironet_1815maironet_2800ecatalyst_9124axaironet_1810catalyst_9105catalyst_9115_apCisco Aironet Access Point Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-20210
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.69%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 13:53
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-broadworks_webrtc_serverbroadworks_network_server_firmwarebroadworks_network_database_serverbroadworks_database_troubleshooting_server_firmwarebroadworks_messaging_server_firmwarebroadworks_service_control_function_server_firmwarebroadworks_application_serverbroadworks_execution_serverbroadworks_application_delivery_platform_firmwarebroadworks_profile_serverbroadworks_network_serverbroadworks_media_server_firmwarebroadworks_webrtc_server_firmwarebroadworks_database_troubleshooting_serverbroadworks_xtended_services_platformbroadworks_network_function_manager_firmwarebroadworks_execution_server_firmwarebroadworks_video_server_firmwarebroadworks_video_serverbroadworks_network_database_server_firmwarebroadworks_profile_server_firmwarebroadworks_xtended_services_platform_firmwarebroadworks_sharing_server_firmwarebroadworks_service_control_function_serverbroadworks_sharing_serverbroadworks_database_serverbroadworks_network_function_managerbroadworks_database_server_firmwarebroadworks_messaging_serverbroadworks_application_server_firmwarebroadworks_media_serverbroadworks_application_delivery_platformCisco BroadWorks
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2025-20295
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-Not Assigned
Published-27 Aug, 2025 | 16:23
Updated-27 Aug, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco UCS Manager Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files.   This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to read or create a file or overwrite any file on the file system of the underlying operating system of the affected device, including system files. To exploit this vulnerability, the attacker must have valid administrative credentials on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20075
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.05% / 14.73%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 15:25
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-email_security_applianceCisco Secure Email
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20022
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.88%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20090
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.04%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 15:19
Updated-30 Jul, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco TelePresence Collaboration Endpoint and RoomOS Software Privilege Escalation Vulnerability

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to elevate privileges to root. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-telepresence_collaboration_endpointroomosCisco TelePresence Endpoint Software (TC/CE)Cisco RoomOS Softwaretelepresence_collaboration_endpoint
CWE ID-CWE-27
Path Traversal: 'dir/../../filename'
CVE-2023-20236
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.56%
||
7 Day CHG~0.00%
Published-13 Sep, 2023 | 16:39
Updated-23 Oct, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8201ncs_4216ncs_5001ncs_5002asr_9010ncs_400982028208ncs_1001asr_9902ncs_551682188212ncs_4206asr_9006ncs_4016ncs_540ncs_57b1-5dse-sysncs_57c3-mods-sysios_xrncs_55008831ncs_4201ncs_5508asr_9903ncs_5501ncs_57c1-48q6-sysasr_9000ncs_560880488128818ncs_5011asr_9001ncs_5504asr_9000vasr_9910asr_99068808asr_9904asr_9920asr_9912asr_9922ncs_57c3-mod-sysncs_1004ncs_560-4ncs_560-7ncs_1002ncs_4202ncs_5502asr_9901ncs_57b1-6d24-sysCisco IOS XR Softwareios_xr_software
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-20021
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.88%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20399
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.37% / 57.81%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 16:11
Updated-28 Jul, 2025 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-07-23||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root. Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges: Nexus 3000 Series Switches Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later Nexus 9000 Series Switches in standalone NX-OS mode

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3064-xmds_9100nexus_3264c-emds_9396tnexus_9500_8-slotnexus_9364d-gx2anexus_3232nexus_31108tc-vnexus_9432pqnexus_9516nexus_3172tq-xlnexus_7009mds_9513nexus_93128nexus_9200ycnexus_31108pc-vnexus_3064xnexus_93108tc-exnexus_92304qcnexus_9408nexus_9348gc-fx3nexus_7702nexus_9364c-gxnexus_93108tc-fxnexus_9236cnexus_7700_18-slotnexus_9000vnexus_3600nexus_9000_in_standalone_nx-os_modenexus_3064nexus_3500nexus_9336pq_acinexus_3048nexus_9000_in_standalonenexus_5596upnexus_3132q-xnexus_93180yc-exmds_9222inexus_5596tnexus_5500nexus_9500mds_9216nexus_93240yc-fx2nexus_31108pv-vnexus_9332d-gx2bnexus_3548nexus_3264qnexus_9500_supervisor_a\+nexus_3408-snexus_3432d-snexus_93180yc-ex-24nexus_9336c-fx2nexus_5000mds_9700nexus_93180yc-fx-24mds_9134nexus_9372pxnexus_7018nexus_9348d-gx2anexus_3100nexus_92300ycmds_9148tnexus_3132q-x\/3132q-xlnexus_7004nexus_7710mds_9500nexus_93240tc-fx2nexus_9332pqnexus_5600nexus_93180yc-fx3mds_9216anexus_34180ycnexus_5648qmds_9706mds_9710nexus_3524-xlnexus_5672up-16gnexus_3064-tnexus_3132q-vnexus_9316d-gxnexus_7000_supervisor_1nexus_36180yc-rnexus_9372px-emds_9148snexus_93108tc-ex-24nexus_3172tq-32tnexus_7700_2-slotnexus_9396txnx-osnexus_9500_supervisor_anexus_9200nexus_3000nexus_9500_supervisor_b\+nexus_5548upnexus_3064tnexus_93108tc-fx3pnexus_3232c_nexus_5548pnexus_93108tc-fx-24nexus_3200mds_9509nexus_93120txnexus_9808nexus_3400nexus_9300nexus_3636c-rnexus_93360yc-fx2nexus_9500_supervisor_bnexus_7706mds_9200mds_9132tnexus_3172nexus_3132q-xlmds_9506nexus_9636pqnexus_7000_18-slotmds_9140nexus_5624qnexus_3172pq\/pq-xlnexus_93600cd-gxnexus_7000_supervisor_2enexus_93180yc-fxnexus_9372tx-enexus_7000_10-slotnexus_31128pqnexus_3172pq-xlnexus_93180tc-exnexus_5696qnexus_93180lc-exnexus_93180yc-fx3hnexus_9504nexus_3100-znexus_3172pqnexus_9800nexus_93128txmds_9216inexus_9500_16-slotnexus_9508nexus_3548-xmds_9000nexus_7000_supervisor_2nexus_5020nexus_3548-xlnexus_7700_supervisor_3enexus_9500rnexus_3524-x\/xlnexus_7000nexus_9332cnexus_9716d-gxnexus_93108tc-fx3hnexus_3016nexus_9348gc-fxpnexus_7000_4-slotnexus_3164qmds_9396snexus_56128pnexus_9336pqnexus_9232enexus_7700_supervisor_2enexus_92160yc-xmds_9250inexus_3548-x\/xlnexus_9396pxnexus_9272qnexus_3132qnexus_5672upnexus_7010nexus_3064-32tnexus_3232cnexus_9536pqnexus_9000_in_aci_modenexus_9336pq_aci_spinenexus_3100-vnexus_3100vmds_9718nexus_3524-xnexus_9736pqnexus_7700_6-slotmds_9148nexus_3172tqnexus_9500_4-slotnexus_9372txnexus_7718nexus_3016qnexus_7700_10-slotnexus_9221cnexus_7000_9-slotnexus_7700nexus_3132c-znexus_93216tc-fx2nexus_3524nexus_9336c-fx2-enexus_9364cnexus_9000nexus_92348gc-xnexus_5010nexus_3464cnexus_34200yc-smnexus_9804nexus_93180yc-fx3snexus_9332d-h2rCisco NX-OS Softwarenx-osNX-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20461
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.09% / 26.65%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 16:16
Updated-22 Oct, 2024 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit this vulnerability by sending malicious characters to the CLI. A successful exploit could allow the attacker to read and write to the underlying operating system as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ata_192_firmwareata_191_firmwareata_192ata_191Cisco Analog Telephone Adaptor (ATA) Softwareata_190_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20485
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.04% / 12.35%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:52
Updated-01 Nov, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a specific file when it is read from system flash memory. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defense_softwareadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwarefirepower_threat_defense_softwareadaptive_security_appliance_software
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-20456
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.61%
||
7 Day CHG-0.00%
Published-10 Jul, 2024 | 16:06
Updated-04 Aug, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device. This vulnerability is due to an error in the software build process. An attacker could exploit this vulnerability by manipulating the system’s configuration options to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass of the requirement to run Cisco signed images or alter the security properties of the running system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8201-32fh-oncs_540x-4z14g2q-ancs_540x-8z16g-sys-ancs_1010ncs_540-24q8l2dd-sysncs_540x-4z14g2q-d8122-64ehf-oncs_540-acc-sys8212-48fh-m8711-32fh-m8111-32eh-o8101-32fh-oncs_540-24q2c2dd-sysncs_540x-16z8q2c-d8808ncs_540-12z20g-sys-aios_xrncs_540-24z8q2c-sys870082028122-64eh-oncs_540-12z20g-sys-d8202-32fh-mncs_57b1-5dse-sys8608ncs_1014ncs_540-fh-csr-sysncs_540-28z4c-sys-ancs_540x-6z18g-sys-a8102-64h-oncs_57d2-18dd-sysncs_540x-16z4g8q2c-a8101-32h-oncs_540x-acc-sys88128404ncs_540-28z4c-sys-d8011-4g24y4h-i8101-32fhncs_540-6z14s-sys-dncs_540-6z18g-sys-dncs_57c1-48q6-sys8818ncs_540x-12z16g-sys-a8201-24h8fh8102-64h8501-sys-mtncs_540x-6z18g-sys-dncs_540-fh-agg88048201ncs_540-6z18g-sys-ancs_540x-16z4g8q2c-d8712-mod-m8102-28fh-dpu-o8201-32fhncs_540x-12z16g-sys-dncs_57b1-6d24-sysncs_540x-8z16g-sys-dCisco IOS XR Softwareios_xr_software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-20469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.20% / 42.48%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 16:28
Updated-20 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerability

A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid Administrator privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Softwareidentity_services_engine_software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20492
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.20% / 42.46%
||
7 Day CHG~0.00%
Published-02 Oct, 2024 | 16:55
Updated-08 Oct, 2024 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Expressway Series Privilege Escalation Vulnerability

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level credentials with read-write privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a series of crafted CLI commands. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of the affected device. Note: Cisco Expressway Series refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-telepresence_video_communication_serverCisco TelePresence Video Communication Server (VCS) Expresswaytelepresence_video_communication_server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-20306
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.17%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 16:58
Updated-30 Jul, 2025 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have level 15 privileges on the affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted CLI command to an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Softwareios_xe
CWE ID-CWE-233
Improper Handling of Parameters
CVE-2024-20413
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.78%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:27
Updated-30 Aug, 2024 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Bash Privilege Escalation Vulnerability

A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device. This vulnerability is due to insufficient security restrictions when executing application arguments from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to create new users with the privileges of network-admin.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS Softwarenx-os
CWE ID-CWE-862
Missing Authorization
CVE-2024-20282
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.05% / 15.75%
||
7 Day CHG+0.01%
Published-03 Apr, 2024 | 16:20
Updated-07 May, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboardCisco Nexus Dashboardnexus_dashboard
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2024-20358
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 7.99%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 19:38
Updated-20 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability exists because the contents of a backup file are improperly sanitized at restore time. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defense_softwareadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwareadaptive_security_appliance
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20411
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.07%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:27
Updated-30 Aug, 2024 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Bash Arbitrary Code Execution Vulnerability

A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device. This vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing a specific crafted command on the underlying operating system. A successful exploit could allow the attacker to execute arbitrary code with the privileges of root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS Softwarenx-os
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CVE-2024-20370
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 8.34%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:29
Updated-26 Oct, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This vulnerability exists because certain system configurations and executable files have insecure storage and permissions. An attacker could exploit this vulnerability by authenticating on the device and then performing a series of steps that includes downloading malicious system files and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwarefirepower_threat_defense_softwareadaptive_security_appliance_software
CWE ID-CWE-264
Not Available
CVE-2024-20359
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.15% / 36.54%
||
7 Day CHG-0.04%
Published-24 Apr, 2024 | 18:16
Updated-30 Jul, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-05-01||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwarefirepower_threat_defense_softwareasaAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-34708
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 4.11%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:00
Updated-07 Nov, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software for Cisco 8000 and Network Convergence System 540 Series Routers Image Verification Vulnerabilities

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32h8201-32fhn540-24z8q2c-m8800_4-slotn540-28z4c-sys-an540x-16z4g8q2c-dn540-acc-sysn540-28z4c-sys-d8800_18-slotn540x-acc-sys8202n540-12z20g-sys-dn540x-12z16g-sys-dn540x-12z16g-sys-a8101-32fh8102-64h8800_8-slotn540-12z20g-sys-an540-24z8q2c-sys8800_12-slotios_xrn540x-16z4g8q2c-aCisco IOS XR Software
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-34722
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.16%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:01
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32hncs_5001ncs_5002asr_9010ncs_540_fronthaul8202ncs_1001asr_9902ncs_5501-sencs_5516ncs_6000asr_9006ncs_540asr_9000v-v2ios_xrncs_5502-se8201-32fhncs_5508asr_9903ncs_5501ios_xrv880488128818ncs_5011ios_xrv_9000asr_90018101-32fhncs_6008asr_9910asr_99068808asr_9904asr_9912asr_9922ncs_560-4ncs_1004ncs_560-7ncs_10028102-64hncs_5502ncs_520asr_9901Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34756
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.43%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:55
Updated-07 Nov, 2024 | 21:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_management_center_virtual_appliancefirepower_threat_defensesourcefire_defense_centerCisco Firepower Threat Defense Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34725
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 34.14%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3417
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 24.04%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Arbitrary Code Execution Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34752
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.67%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 16:14
Updated-18 Nov, 2024 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Command Injection Vulnerabilities

A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device.  This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute commands with root privileges on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Firepower Threat Defense Softwarefirepower_threat_defense_software
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3152
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.73%
||
7 Day CHG~0.00%
Published-26 Aug, 2020 | 16:16
Updated-13 Nov, 2024 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Connected Mobile Experiences Privilege Escalation Vulnerability

A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow an authenticated, local attacker with administrative credentials to execute arbitrary commands with root privileges. The vulnerability is due to improper user permissions that are configured by default on an affected system. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, an attacker would need to have valid administrative credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-connected_mobile_experiencesCisco Connected Mobile Experiences
CWE ID-CWE-275
Not Available
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-34729
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeios_xe_sd-wanCisco IOS XE SD-WAN Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34724
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.12% / 32.42%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-284
Improper Access Control
CVE-2021-34726
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wanCisco SD-WAN Solution
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34721
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.16%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:01
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32hncs_5001ncs_5002asr_9010ncs_540_fronthaul8202ncs_1001asr_9902ncs_5501-sencs_5516ncs_6000asr_9006ncs_540asr_9000v-v2ios_xrncs_5502-se8201-32fhncs_5508asr_9903ncs_5501ios_xrv880488128818ncs_5011ios_xrv_9000asr_90018101-32fhncs_6008asr_9910asr_99068808asr_9904asr_9912asr_9922ncs_560-4ncs_1004ncs_560-7ncs_10028102-64hncs_5502ncs_520asr_9901Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found