Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-20178

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-28 Jun, 2023 | 00:00
Updated At-02 Aug, 2024 | 09:05
Rejected At-
Credits

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:28 Jun, 2023 | 00:00
Updated At:02 Aug, 2024 | 09:05
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Secure Client
Versions
Affected
  • 4.9.00086
  • 4.9.01095
  • 4.9.02028
  • 4.9.03047
  • 4.9.03049
  • 4.9.04043
  • 4.9.04053
  • 4.9.05042
  • 4.9.06037
  • 4.10.00093
  • 4.10.01075
  • 4.10.02086
  • 4.10.03104
  • 4.10.04065
  • 4.10.04071
  • 4.10.05085
  • 4.10.05095
  • 4.10.05111
  • 4.10.06079
  • 4.10.06090
  • 5.0.00238
  • 5.0.00529
  • 5.0.00556
  • 5.0.01242
Problem Types
TypeCWE IDDescription
cweCWE-276Incorrect Default Permissions
Type: cwe
CWE ID: CWE-276
Description: Incorrect Default Permissions
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
Resource:
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:28 Jun, 2023 | 15:15
Updated At:25 Jan, 2024 | 17:15

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Cisco Systems, Inc.
cisco
>>anyconnect_secure_mobility_client>>Versions before 4.10.07061(exclusive)
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*
Cisco Systems, Inc.
cisco
>>secure_client>>Versions before 5.0.02075(exclusive)
cpe:2.3:a:cisco:secure_client:*:*:*:*:*:windows:*:*
Weaknesses
CWE IDTypeSource
CWE-276Primarynvd@nist.gov
CWE-276Secondaryykramarz@cisco.com
CWE ID: CWE-276
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-276
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kwykramarz@cisco.com
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

514Records found
CVE-2022-20732
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.49%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 18:55
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Virtualized Infrastructure Manager Privilege Escalation Vulnerability

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain configuration files. An attacker with low-privileged credentials could exploit this vulnerability by accessing an affected device and reading the affected configuration files. A successful exploit could allow the attacker to obtain internal database credentials, which the attacker could use to view and modify the contents of the database. The attacker could use this access to the database to elevate privileges on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-virtualized_infrastructure_managerCisco Virtualized Infrastructure Manager
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2026-20245
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.19%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 22:33
Updated-10 Jun, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-06-23||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user.  To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Catalyst SD-WAN ManagerCatalyst SD-WAN Manager
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2025-20122
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.58%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:18
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system. This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_sd-wan_managerCisco Catalyst SD-WAN Manager
CWE ID-CWE-300
Channel Accessible by Non-Endpoint
CVE-2021-1237
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 17.21%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 21:17
Updated-12 Nov, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco AnyConnect Secure Mobility Client for Windows DLL Injection Vulnerability

A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL injection attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path in the system which, in turn, causes a malicious DLL file to be loaded when the application starts. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-anyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-1280
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.80%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 19:56
Updated-12 Nov, 2024 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability

A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with SYSTEM privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-immunetadvanced_malware_protection_for_endpointsCisco AMP for Endpoints
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-3455
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.57%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:36
Updated-13 Nov, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4150firepower_9300_sm-24firepower_9300_sm-36firepower_4110firepower_extensible_operating_systemfirepower_9300_sm-48firepower_4125firepower_4112firepower_4140firepower_9300_sm-44_x_3firepower_9300_sm-40firepower_4145firepower_4120firepower_9300_sm-56firepower_9300_sm-56_x_3firepower_4115firepower_9300_sm-44Cisco Firepower Extensible Operating System (FXOS)
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2023-20216
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.55%
||
7 Day CHG~0.00%
Published-03 Aug, 2023 | 21:18
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploit this vulnerability by authenticating to the application as a user with the BWORKS or BWSUPERADMIN role and issuing crafted commands on an affected system. A successful exploit could allow the attacker to execute commands beyond the sphere of their intended access level, including initiating installs or running operating system commands with elevated permissions. There are workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-broadworks_profile_serverbroadworks_network_serverbroadworks_database_serverbroadworks_network_database_serverbroadworks_network_function_managerbroadworks_media_serverbroadworks_execution_serverbroadworks_application_delivery_platformbroadworks_application_serverbroadworks_service_control_function_serverbroadworks_troubleshooting_serverbroadworks_xtended_services_platformCisco BroadWorks
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-20029
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 12.40%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-25 Oct, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Privilege Escalation Vulnerability

A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attacker could exploit this vulnerability by modifying the Meraki registration parameters. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9300-24u-ecatalyst_9300-48t-ecatalyst_9200catalyst_9300l-48t-4g-ecatalyst_9300l-48p-4g-acatalyst_9300l-48p-4g-ecatalyst_9300-48un-acatalyst_9300xcatalyst_9300l-24t-4g-acatalyst_9300l-48t-4g-acatalyst_9300l-24t-4x-acatalyst_9300l_stackcatalyst_9300l-24t-4x-ecatalyst_9300-48un-ecatalyst_9300-24p-ecatalyst_9200lcatalyst_9200cxcatalyst_9300-48p-acatalyst_9300-24s-acatalyst_9300-48t-acatalyst_9300-48uxm-ecatalyst_9300l-24p-4g-ecatalyst_9300l-48t-4x-ecatalyst_9300l-48t-4x-acatalyst_9300l-48p-4x-ecatalyst_9300l-24p-4g-acatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300l-48p-4x-acatalyst_9300-24s-ecatalyst_9300-48u-ecatalyst_9300-24ux-acatalyst_9300lmcatalyst_9300-24p-acatalyst_9300-48u-acatalyst_9300-48s-acatalyst_9300-24t-ecatalyst_9300l-24t-4g-eios_xecatalyst_9300l-24p-4x-acatalyst_9300-24t-acatalyst_9300-48s-ecatalyst_9300catalyst_9300-24u-acatalyst_9300lcatalyst_9300-48p-ecatalyst_9300-24ux-eCisco IOS XE Software
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-20122
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.25% / 48.72%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20224
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.20%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:43
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-thousandeyes_enterprise_agentCisco ThousandEyes Recorder Application
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2023-20035
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 17.10%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routercatalyst_8540csrcatalyst_8510csrcatalyst_8000v_edge1160_integrated_services_routerasr_1002-hxcatalyst_8510msr1100_integrated_services_router1109-2p_integrated_services_router4331_integrated_services_router4461_integrated_services_routercatalyst_8200ios_xe_sd-wancatalyst_8300-2n2s-6t1109_integrated_services_routercatalyst_8300catalyst_85001120_integrated_services_routercatalyst_8500-4qcasr_1006-x4321_integrated_services_routercatalyst_8540msr1131_integrated_services_routercatalyst_8300-1n1s-4t2xcatalyst_8500l1101-4p_integrated_services_router4431_integrated_services_routercatalyst_8300-1n1s-6t1100-4p_integrated_services_routercsr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_routercatalyst_8300-2n2s-4t2x1100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_router4451_integrated_services_router4351_integrated_services_routerasr_1009-xCisco IOS XE Software
CWE ID-CWE-146
Improper Neutralization of Expression/Command Delimiters
CVE-2023-20065
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.55%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3850asr_907catalyst_9500hcatalyst_3850-16xs-scatalyst_3850-48pw-sasr_1000-esp200-xcatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_routercg522-easr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dasr_1000-esp100-xcatalyst_9300l-48t-4x-aasr_920-12sz-imcatalyst_8300catalyst_8500-4qccatalyst_3850-48u-lcatalyst_9800-80_wireless_controlleress-3300-ncp-acatalyst_8300-1n1s-6t8101-32fhcatalyst_9300l-24t-4g-easr_920-12cz-a_rcatalyst_3850-48xscatalyst_9800-clcatalyst_9300-48p-e1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-eess-3300-24t-con-e9800-40catalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrcatalyst_9200lcatalyst_3850-24xucatalyst_9300-48uxm-e1109_integrated_services_routercatalyst_9400catalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_9600_supervisor_engine-1ess-3300-24t-con-acatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-48u-aasr_902u1100-4p_integrated_services_routerasr_903asr_9920asr_9906catalyst_ie3200_rugged_switchcatalyst_3850-48t-ecg418-e1101_integrated_services_routerasr_920-24tz-m_r8101-32hasr_920-24sz-m_ress-3300-24t-ncp-acatalyst_3850-12s-sasr_9010asr_920-4sz-d_rcatalyst_3850-24u-sasr_99021100_integrated_services_routerasr_901-4c-ft-dcatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aess-3300-24t-ncp-easr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr_901s-3sg-f-ah4221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_9300-48s-easr_1002-xasr_920-12cz-d_r8800_18-slotcatalyst_9300lcatalyst_ie3400_rugged_switch4451-x_integrated_services_routercatalyst_3850-48p-scatalyst_ie9300catalyst_8510csrasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200asr_1000-esp100catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500asr_920u-12sz-im8831catalyst_3850-24t-easr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_ie3300_rugged_switchasr_1000catalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-easr_9148202catalyst_3850-24p-scatalyst_3850-24u9800-lcatalyst_9300l_stackasr_920-12cz-dcatalyst_9300l-24p-4g-easr_920-4sz-d111x_integrated_services_routercatalyst_9800-l8201-32fhasr_1013catalyst_8540msrasr_920-24sz-imcatalyst_3850-nm-2-40gcbr-8catalyst_9300lmcatalyst_9300-24t-easr_9000vcatalyst_3850-48t-scatalyst_9407rcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200catalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_9300l-48t-4g-aasr_920-24sz-mintegrated_services_virtual_routerasr_920-4sz-acatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-eess-3300-con-aasr_901-6cz-ft-dasr_901-6cz-f-dess-3300-ncp-easr_9000catalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300asr_920-24sz-im_rcatalyst_3850-24xu-s4451_integrated_services_routerasr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1ess-3300-con-ecatalyst_ie3400catalyst_3850-24u-lcatalyst_9300l-24t-4g-a9800-clcatalyst_3850-48f-sasr_901-4c-f-d8800_8-slotasr_1001-hx_rcatalyst_9800-l-ccatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_9300-48uxm-aasr_102388128818catalyst_9300-24p-aasr_1001esr6300catalyst_3850-48xs-easr_9904catalyst_9300-24u-acatalyst_3850-48uasr_1001-hxcatalyst_ie33008102-64hasr_1009-x8201catalyst_9300-24u-easr_901-6cz-f-acatalyst_3850-12x48ucatalyst_9300xcatalyst_9300-48un-aasr_1001-x_rasr_901-6cz-fs-dcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsasr_99038800_4-slotess9300-10x-e4431_integrated_services_router9800-80asr_901-6cz-fs-acatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_router8800_12-slotasr_1001-xasr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-284
Improper Access Control
CVE-2023-20050
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.17% / 38.13%
||
7 Day CHG~0.00%
Published-23 Feb, 2023 | 00:00
Updated-25 Oct, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_34200yc-smnexus_56128pnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_3100-vnexus_6000nexus_3524-x\/xlnexus_6004mds_9140nexus_3100-zmds_9506mds_9250inexus_3548-xlnexus_3016qnexus_3132q-vnexus_31128pqnexus_6001pmds_9200nexus_3164qnexus_3172tq-32tnexus_3524-xnexus_3132c-znexus_31108tc-vnexus_3172pq\/pq-xlnexus_5548pnexus_5648qnexus_3172mds_9718mds_9000nexus_3464cmds_9700mds_9148smds_9513nexus_36180yc-rmds_9148tnexus_5500nexus_5672upmds_9132tnexus_1000_virtual_edgenexus_3264qnexus_3432d-snexus_7004nexus_34180ycnexus_9000vmds_9509nexus_31108pc-vmds_9706nexus_3064-32tnexus_5596upnexus_7009nexus_3524mds_9216nexus_3100vnexus_3548mds_9500nexus_3132qnexus_3548-x\/xlnexus_3016mds_9216anexus_7018nexus_5696qnexus_7710nexus_3064xnexus_3100nexus_9000mds_9100mds_9148nexus_3048nexus_31108pv-vnexus_6001nexus_3064tnexus_3524-xlmds_9396tnexus_3232c_nexus_7000nexus_7010mds_9396snexus_3064nexus_7706nexus_3172pqnexus_3064-xnexus_7718nexus_3500nexus_3232cnexus_5548upnexus_5600mds_9222inexus_1000vmds_9216inexus_5596tnexus_7702nexus_3264c-enexus_3132q-x\/3132q-xlnexus_5624qnexus_3548-xnexus_6004xnexus_3132q-xlnexus_3064-tmds_9710nexus_3172tq-xlnexus_6001tnexus_3408-snexus_3600mds_9134nexus_3172pq-xlnexus_7700nexus_5672up-16gnexus_3400Cisco NX-OS Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20236
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.59%
||
7 Day CHG~0.00%
Published-13 Sep, 2023 | 16:39
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8201ncs_4216ncs_5001ncs_5002asr_9010ncs_400982028208ncs_1001asr_9902ncs_551682188212ncs_4206asr_9006ncs_4016ncs_540ncs_57b1-5dse-sysncs_57c3-mods-sysios_xrncs_55008831ncs_4201ncs_5508asr_9903ncs_5501ncs_57c1-48q6-sysasr_9000ncs_560880488128818ncs_5011asr_9001ncs_5504asr_9000vasr_9910asr_99068808asr_9904asr_9920asr_9912asr_9922ncs_57c3-mod-sysncs_1004ncs_560-4ncs_560-7ncs_1002ncs_4202ncs_5502asr_9901ncs_57b1-6d24-sysCisco IOS XR Softwareios_xr_software
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2021-40124
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.10%
||
7 Day CHG~0.00%
Published-04 Nov, 2021 | 15:36
Updated-07 Nov, 2024 | 21:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability

A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-anyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-1572
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 28.77%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 17:20
Updated-07 Nov, 2024 | 22:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ConfD CLI Secure Shell Server Privilege Escalation Vulnerability

A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ConfD built-in SSH server was not enabled, the device is not affected by this vulnerability. An attacker with low-level privileges could exploit this vulnerability by authenticating to an affected device and issuing a series of commands at the SFTP interface. A successful exploit could allow the attacker to elevate privileges to the level of the account under which ConfD is running, which is commonly root. Note: Any user who can authenticate to the built-in SSH server may exploit this vulnerability. By default, all ConfD users have this access if the server is enabled. Software updates that address this vulnerability have been released.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-confdnetwork_services_orchestratorCisco ConfD
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34755
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.30%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:55
Updated-07 Nov, 2024 | 21:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_management_center_virtual_appliancefirepower_threat_defensesourcefire_defense_centerCisco Firepower Threat Defense Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34719
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.03%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:00
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32hncs_5001ncs_5002asr_9010ncs_4009ncs_540_fronthaul8202ncs_1001asr_9902ncs_5501-sencs_5516ncs_6000asr_9006ncs_540ncs_4016asr_9000v-v2ios_xrncs_5502-se8201-32fhncs_5508asr_9903ncs_5501ios_xrv880488128818ncs_5011ios_xrv_9000asr_90018101-32fhncs_6008asr_9910asr_99068808asr_9904asr_9912asr_9922ncs_560-4ncs_1004ncs_560-7ncs_10028102-64hncs_5502ncs_520asr_9901Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20274
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.02% / 4.43%
||
7 Day CHG~0.00%
Published-21 Nov, 2023 | 18:49
Updated-29 Aug, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An attacker could exploit this vulnerability by modifying objects in the PHP Agent install directory, which would run with the same privileges as PHP. A successful exploit could allow a lower-privileged attacker to elevate their privileges to root on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-appdynamicsCisco AppDynamics
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34728
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.91%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:01
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32hncs_5001ncs_5002asr_9010ncs_4009ncs_540_fronthaul8202ncs_1001asr_9902ncs_5501-sencs_5516ncs_6000asr_9006ncs_540ncs_4016asr_9000v-v2ios_xrncs_5502-se8201-32fhncs_5508asr_9903ncs_5501ios_xrv880488128818ncs_5011ios_xrv_9000asr_90018101-32fhncs_6008asr_9910asr_99068808asr_9904asr_9912asr_9922ncs_560-4ncs_1004ncs_560-7ncs_10028102-64hncs_5502ncs_520asr_9901Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2016-6367
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-18.76% / 95.43%
||
7 Day CHG~0.00%
Published-18 Aug, 2016 | 18:00
Updated-22 Apr, 2026 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-14||Apply updates per vendor instructions.

Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5520asa_5545-xasa_5500-xasa_5500asa_5506w-xasa_5515-xasa_5585-xpix_firewall_535adaptive_security_appliance_softwareasa_5500_csc-ssmpix_firewall_525asa_5512-xpix_firewall_501asa_5506h-xpix_firewall_506epix_firewall_515asa_5508-xasa_5510asa_5525-xasa_5540asa_5580firewall_services_moduleasa_5555-xasa_5506-xasa_5505asa_5550pix_firewall_515easa_5516-xpix_firewall_520pix_firewall_506n/aAdaptive Security Appliance (ASA)
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-1966
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.23% / 46.23%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 21:45
Updated-20 Nov, 2024 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability

A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand options present for a specific CLI command within the local-mgmt context. An attacker could exploit this vulnerability by authenticating to an affected device, entering the local-mgmt context, and issuing a specific CLI command and submitting user input. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid user credentials for the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ucs_6454_fabric_interconnectucs_6324_fabric_interconnectucs_6332-16up_fabric_interconnectnx-osucs_6296_up_fabric_interconnectucs_6248_up_fabric_interconnectunified_computing_systemucs_6332_fabric_interconnectCisco Unified Computing System (Managed)
CWE ID-CWE-264
Not Available
CVE-2026-20126
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-25 Feb, 2026 | 16:13
Updated-20 Mar, 2026 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system. This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this vulnerability by sending a request to the REST API of the affected system. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_sd-wan_managerCisco Catalyst SD-WAN Manager
CWE ID-CWE-648
Incorrect Use of Privileged APIs
CVE-2019-1893
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.34%
||
7 Day CHG~0.00%
Published-06 Jul, 2019 | 01:20
Updated-20 Nov, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. The vulnerability is due to insufficient input validation of a configuration file that is accessible to a local shell user. An attacker could exploit this vulnerability by including malicious input during the execution of this file. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_nfv_infrastructure_softwareCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1883
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7||HIGH
EPSS-0.14% / 34.44%
||
7 Day CHG~0.00%
Published-21 Aug, 2019 | 18:20
Updated-20 Nov, 2024 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Integrated Management Controller CLI Command Injection Vulnerability

A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ucs_c125_m5ucs_s3260integrated_management_controller_supervisorucs-e1120d-m3ucs-e160s-m3ucs_c4200ucs-e140s-m2encs_5100ucs-e160d-m2encs_5400unified_computing_systemucs-e180d-m3ucs-e168d-m2Cisco Unified Computing System E-Series Software (UCSE)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1735
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.10% / 26.31%
||
7 Day CHG~0.00%
Published-15 May, 2019 | 18:45
Updated-21 Nov, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exucs_6332-16upnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txnexus_6000nexus_93128txnexus_9336pq_aci_spinenexus_1000venexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cnexus_3164qnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2mds_9200nexus_3524-xnexus_3132c-znexus_31108tc-vnexus_9348gc-fxpnexus_3172mds_9000nexus_9272qnexus_3464cmds_9700nexus_93216tc-fx2nexus_36180yc-rnexus_5500nexus_93180yc-fxnexus_3264qnexus_3432d-snexus_34180ycnexus_9000vnexus_31108pc-vnexus_3524nexus_3548mds_9500nexus_3132qnexus_3016nexus_9372pxnexus_92304qcnexus_92160yc-xucs_6248upmds_9100nexus_9504nexus_3048nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlucs_6324nexus_9396txnexus_7000nexus_92300ycnexus_3064ucs_6332nexus_3232cnexus_5600nexus_9396pxucs_6296upnexus_1000vnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2019-1816
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 30.35%
||
7 Day CHG~0.00%
Published-03 May, 2019 | 16:25
Updated-21 Nov, 2024 | 19:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Web Security Appliance Privilege Escalation Vulnerability

A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The vulnerability is due to insufficient validation of user-supplied input on the web and command-line interface. An attacker could exploit this vulnerability by authenticating to the affected device and injecting scripting commands in the scope of the log subscription subsystem. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-web_security_applianceCisco Web Security Appliance (WSA)
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1726
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 13.26%
||
7 Day CHG~0.00%
Published-15 May, 2019 | 16:40
Updated-21 Nov, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3500nexus_3100vmds_9500mds_9000nexus_9200nexus_5600nx-osnexus_3200mds_9700ucs_6296upnexus_6000ucs_6248upnexus_5500nexus_3400nexus_3100nexus_9000mds_9100nexus_9500nexus_3548-xnexus_3100-znexus_7000nexus_3524-xlnexus_9300nexus_3548-xlnexus_3000nexus_3600mds_9200nexus_7700nexus_3524-xCisco NX-OS Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1745
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.09% / 25.40%
||
7 Day CHG~0.00%
Published-27 Mar, 2019 | 23:40
Updated-20 Nov, 2024 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected commands. An exploit could allow the attacker to gain root privileges on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1654
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.21% / 42.61%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 21:45
Updated-20 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Series Access Points Development Shell Access Vulnerability

A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the underlying Linux OS. The attacker would need valid device credentials. The vulnerability exists because the software improperly validates user-supplied input at the CLI authentication prompt for development shell access. An attacker could exploit this vulnerability by authenticating to the device and entering crafted input at the CLI. A successful exploit could allow the attacker to access the AP development shell without proper authentication, which allows for root access to the underlying Linux OS. Software versions prior to 8.3.150.0, 8.5.135.0, and 8.8.100.0 are affected.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ap-cosaironet_2800aironet_1800aironet_3800aironet_1560aironet_1540Cisco Aironet Access Point Software
CWE ID-CWE-255
Not Available
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-1593
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.12%
||
7 Day CHG~0.00%
Published-06 Mar, 2019 | 22:00
Updated-20 Nov, 2024 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to the incorrect implementation of a Bash shell command that allows role-based access control (RBAC) to be bypassed. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Bash prompt. A successful exploit could allow the attacker to escalate their privilege level by executing commands that should be restricted to other roles. For example, a dev-ops user could escalate their privilege level to admin with a successful exploit of this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3500nexus_9500nexus_9000_in_aci_modenx-osnexus_3000nexus_3600nexus_7000nexus_7700nexus_9000_in_standaloneNexus 3600 Platform SwitchesNexus 9000 Series Switches in Standalone NX-OS ModeNexus 7000 and 7700 Series SwitchesNexus 3500 Platform SwitchesNexus 9000 Series Fabric Switches in ACI ModeNexus 3000 Series Switches
CWE ID-CWE-264
Not Available
CVE-2019-1664
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.1||HIGH
EPSS-0.40% / 60.96%
||
7 Day CHG~0.00%
Published-21 Feb, 2019 | 19:00
Updated-20 Nov, 2024 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco HyperFlex Software Unauthenticated Root Access Vulnerability

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the hxterm service as a non-privileged, local user. A successful exploit could allow the attacker to gain root access to all member nodes of the HyperFlex cluster. This vulnerability affects Cisco HyperFlex Software Releases prior to 3.5(2a).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-hyperflex_hx_data_platformCisco HyperFlex HX-Series
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CVE-2019-1646
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.86%
||
7 Day CHG~0.00%
Published-24 Jan, 2019 | 15:00
Updated-20 Nov, 2024 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation Vulnerability in Cisco SD-WAN Solution

A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000sd-wanvedge_100_firmwarevbond_orchestratorvedge_5000_firmwarevedge_1000_firmwarevedge_5000vsmart_controllervedge_100vmanage_network_managementvedge_2000_firmwarevedge_1000Cisco SD-WAN Solution
CWE ID-CWE-264
Not Available
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-1596
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-07 Mar, 2019 | 19:00
Updated-20 Nov, 2024 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Bash prompt. A successful exploit could allow the attacker to escalate their privilege level to root. Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3500nexus_9000nexus_9500nx-osnexus_3000nexus_3600Nexus 3600 Platform SwitchesNexus 9000 Series Switches in Standalone NX-OS ModeNexus 3500 Platform SwitchesNexus 3000 Series SwitchesNexus 9500 R-Series Line Cards and Fabric Modules
CWE ID-CWE-264
Not Available
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-1602
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.14%
||
7 Day CHG~0.00%
Published-08 Mar, 2019 | 19:00
Updated-20 Nov, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Privilege Escalation Vulnerability

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker could exploit this vulnerability by logging in to the CLI of an affected device, accessing a specific file, and leveraging this information to authenticate to the NX-API server. A successful exploit could allow an attacker to make configuration changes as administrator. Note: NX-API is disabled by default. Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_9000nexus_3500nexus_9500nx-osnexus_3000nexus_3600Nexus 3600 Platform SwitchesNexus 3500 Platform SwitchesNexus 9000 Series Switches-StandaloneNexus 3000 Series SwitchesNexus 9500 R-Series Line Cards and Fabric Modules
CWE ID-CWE-264
Not Available
CVE-2019-1605
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.66%
||
7 Day CHG~0.00%
Published-08 Mar, 2019 | 20:00
Updated-20 Nov, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS request to an internal service on an affected device that has the NX-API feature enabled. A successful exploit could allow the attacker to cause a buffer overflow and execute arbitrary code as root. Note: The NX-API feature is disabled by default. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.1(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I4(8) and 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(8). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.3(2)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 7.3(3)D1(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I4(8) and 7.0(3)I7(1). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3500nexus_9000nexus_9500mds_9000nexus_5500nexus_5600nx-osnexus_3000nexus_6000nexus_3600nexus_7000nexus_2000nexus_7700MDS 9000 Series Multilayer SwitchesNexus 3600 Platform SwitchesNexus 9000 Series Switches in Standalone NX-OS ModeNexus 3500 Platform SwitchesNexus 7000 and 7700 Series SwitchesNexus 2000, 5500, 5600, and 6000 Series SwitchesNexus 3000 Series SwitchesNexus 9500 R-Series Line Cards and Fabric Modules
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-16011
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.32%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 20:40
Updated-15 Nov, 2024 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_10134431_integrated_services_routerasr_1002-hx1100_integrated_services_routerios_xe4221_integrated_services_router4331_integrated_services_routerasr_10064461_integrated_services_routerasr_1001-xasr_1001-hxasr_1004asr_1002-xcsr1000vasr_1009-xasr_1006-xCisco IOS XE SD-WAN Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1592
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.23% / 46.23%
||
7 Day CHG~0.00%
Published-03 May, 2019 | 14:50
Updated-20 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability

A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. An attacker could exploit this vulnerability by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9348gc-fxpnexus_9332pqnexus_93108tc-exnexus_9272qnexus_9396pxnx-osnexus_9372pxnexus_9508nexus_93120txnexus_92304qcnexus_92160yc-xnexus_93128txnexus_93240yc-fx2nexus_93180yc-fxnexus_9000nexus_9372txnexus_9372tx-enexus_93108tc-fxnexus_93180yc-exnexus_9372px-enexus_9396txnexus_9336pqnexus_9332cnexus_9236cnexus_9364cnexus_92300ycnexus_9336c-fx2Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b
CWE ID-CWE-264
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1606
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 37.69%
||
7 Day CHG~0.00%
Published-08 Mar, 2019 | 20:00
Updated-21 Nov, 2024 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability. Nexus 3000, 3500, and Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(4).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_9000nexus_3000nx-osnexus_3500Nexus 3500 Platform SwitchesNexus 3000 Series SwitchesNexus 9000 Series Switches in Standalone NX-OS Mode
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2022-20818
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.52% / 67.09%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:45
Updated-26 Feb, 2026 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8101-32hcatalyst_8540csr1100-6g_integrated_services_router4331\/k9_integrated_services_router82021100_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1000-x4000_integrated_services_routercatalyst_8300111x_integrated_services_routercatalyst_8500-4qcasr_1006-x8201-32fhasr_1013catalyst_8540msrasr_102388124321\/k9-rf_integrated_services_router8818catalyst_8300-1n1s-6t8101-32fhasr_10014221_integrated_services_routersd-wansd-wan_vsmart_controllerasr_1001-hxasr_1002-x8102-64h1131_integrated_services_routerasr_1009-x82014451-x_integrated_services_router4351_integrated_services_router4331\/k9-ws_integrated_services_router4351\/k9_integrated_services_router1160_integrated_services_routerasr_1001-x_rcatalyst_8000v_edgecatalyst_8510csr4351\/k9-ws_integrated_services_routerasr_1002-hxcatalyst_8510msr1109-2p_integrated_services_routercatalyst_cg418-ecatalyst_8200asr_1002-x_rasr_1002catalyst_8300-2n2s-6tsd-wan_vmanage1109_integrated_services_routerasr_1004catalyst_85001120_integrated_services_router88314351\/k9-rf_integrated_services_router4321\/k9-ws_integrated_services_router1100-4g_integrated_services_router1111x_integrated_services_router4321_integrated_services_routercatalyst_8500lcatalyst_8300-1n1s-4t2x88041101-4p_integrated_services_router4431_integrated_services_router1100-4p_integrated_services_routerasr_1000catalyst_8300-2n2s-4t2x1111x-8p_integrated_services_router8808asr_10061100-8p_integrated_services_routersd-wan_vbond_orchestrator1109-4p_integrated_services_routercatalyst_cg522-easr_1001-x1101_integrated_services_router4331\/k9-rf_integrated_services_router4451_integrated_services_router4321\/k9_integrated_services_routerCisco SD-WAN Solution
CWE ID-CWE-25
Path Traversal: '/../filedir'
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-1591
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.94%
||
7 Day CHG~0.00%
Published-06 Mar, 2019 | 22:00
Updated-20 Nov, 2024 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape Vulnerability

A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied input when issuing a specific CLI command with parameters on an affected device. An attacker could exploit this vulnerability by authenticating to the device CLI and issuing certain commands. A successful exploit could allow the attacker to escape the restricted shell and execute arbitrary commands with root-level privileges on the affected device. This vulnerability only affects Cisco Nexus 9000 Series ACI Mode Switches that are running a release prior to 14.0(3d).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_9000nx-osCisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode
CWE ID-CWE-264
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-20775
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.39% / 60.07%
||
7 Day CHG+0.03%
Published-30 Sep, 2022 | 18:45
Updated-02 Mar, 2026 | 13:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-02-27||Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_1000-xcatalyst_8540csrsd-wan_vsmart_controllerasr_1001-hx_r4351_integrated_services_routerasr_1009-x1131_integrated_services_router1100-4p_integrated_services_routercatalyst_85001109_integrated_services_routersd-wan4321\/k9-rf_integrated_services_router8102-64h1100-4g_integrated_services_router4351\/k9_integrated_services_routercatalyst_8300catalyst_8510msr1109-2p_integrated_services_router88041101_integrated_services_routercatalyst_8300-2n2s-4t2xasr_10014321\/k9_integrated_services_router4321_integrated_services_router4321\/k9-ws_integrated_services_routercatalyst_8300-1n1s-4t2x1120_integrated_services_routerasr_1004asr_1006catalyst_8300-1n1s-6t4461_integrated_services_router8101-32fh4451-x_integrated_services_routersd-wan_vedge_cloud4331_integrated_services_router880882024351\/k9-ws_integrated_services_routerasr_1001-hxasr_1002-xasr_1013catalyst_cg418-e8818catalyst_8200catalyst_8500lasr_1023asr_1002-hx1100-8p_integrated_services_router4331\/k9-ws_integrated_services_routercatalyst_cg522-e8201-32fh88124351\/k9-rf_integrated_services_routerasr_1002-x_rcatalyst_sd-wan_manager4431_integrated_services_router88311100_integrated_services_routercatalyst_8500-4qccatalyst_8510csrasr_1000catalyst_8000v_edgeasr_1002-hx_rsd-wan_vbond_orchestrator82011109-4p_integrated_services_routerasr_1001-x_r8101-32hasr_1006-x4451_integrated_services_router1111x_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routercatalyst_8540msrasr_1001-x1100-6g_integrated_services_routercatalyst_8300-2n2s-6t4331\/k9-rf_integrated_services_router4000_integrated_services_router111x_integrated_services_router1101-4p_integrated_services_router4331\/k9_integrated_services_router1160_integrated_services_routerasr_1002Cisco Catalyst SD-WANCisco SD-WAN vEdge RouterCisco Catalyst SD-WAN ManagerCisco SD-WAN vEdge CloudCisco SD-WAN vContainerSD-WAN
CWE ID-CWE-25
Path Traversal: '/../filedir'
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-20716
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 31.78%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:15
Updated-06 Nov, 2024 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Improper Access Control Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wan_vedge_routersd-wansd-wan_solutionsd-wan_vedge_cloudsd-wan_vbond_orchestratorsd-wan_vsmart_controller_softwarecatalyst_sd-wan_managerCisco SD-WAN Solution
CWE ID-CWE-284
Improper Access Control
CVE-2019-1625
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.71%
||
7 Day CHG~0.00%
Published-20 Jun, 2019 | 02:45
Updated-20 Nov, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the targeted device and executing commands that could lead to elevated privileges. A successful exploit could allow the attacker to make configuration changes to the system as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100mvedge-5000vedge-2000sd-wan_firmwarevedge-100vedge-1000vedge_100wmvedge_100bCisco SD-WAN Solution
CWE ID-CWE-264
Not Available
CVE-2019-1601
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.68%
||
7 Day CHG~0.00%
Published-08 Mar, 2019 | 18:00
Updated-20 Nov, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker could exploit this vulnerability by accessing and modifying restricted files. A successful exploit could allow an attacker to use the content of this configuration file to bypass authentication and log in as any user of the device. MDS 9000 Series Multilayer Switches are affected in versions prior to 6.2(25), 8.1(1b), and 8.3(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(3)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3500nexus_9000nexus_9500mds_9000nexus_5500nexus_5600nx-osnexus_3000nexus_6000nexus_3600nexus_7000nexus_2000nexus_7700MDS 9000 Series Multilayer SwitchesNexus 3600 Platform SwitchesNexus 3500 Platform SwitchesNexus 7000 and 7700 Series SwitchesNexus 9000 Series Switches-StandaloneNexus 2000, 5500, 5600, and 6000 Series SwitchesNexus 3000 Series SwitchesNexus 9500 R-Series Line Cards and Fabric Modules
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-1603
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.16%
||
7 Day CHG~0.00%
Published-08 Mar, 2019 | 19:00
Updated-20 Nov, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the targeted device and executing commands that could lead to elevated privileges. A successful exploit could allow an attacker to make configuration changes to the system as administrator. Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3500nexus_9000nexus_9500nx-osnexus_3000nexus_3600Nexus 3600 Platform SwitchesNexus 3500 Platform SwitchesNexus 9000 Series Switches-StandaloneNexus 3000 Series SwitchesNexus 9500 R-Series Line Cards and Fabric Modules
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-1648
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.71%
||
7 Day CHG~0.00%
Published-24 Jan, 2019 | 15:00
Updated-20 Nov, 2024 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Privilege Escalation Vulnerability

A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000sd-wanvedge_100_firmwarevbond_orchestratorvedge_5000_firmwarevedge_1000_firmwarevedge_5000vsmart_controllervedge_100vmanage_network_managementvedge_2000_firmwarevedge_1000Cisco SD-WAN Solution
CWE ID-CWE-264
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20681
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 29.87%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:16
Updated-16 Sep, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validation of user privileges after the user executes certain CLI commands. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands with level 15 privileges on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-266
Incorrect Privilege Assignment
CVE-2019-12717
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.46%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 20:16
Updated-20 Nov, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability

A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_56128pnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txnexus_93128txnexus_9336pq_aci_spinenexus_6004nexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_7000_9-slotnexus_9364cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3164qnexus_3524-xnexus_3132c-znexus_31108tc-vnexus_5548pnexus_9348gc-fxpnexus_5648qnexus_3172nexus_9272qnexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_5672upnexus_93180yc-fxnexus_3264qnexus_3432d-snexus_34180ycnexus_9000vnexus_31108pc-vnexus_7700_18-slotnexus_5596upnexus_3524nexus_3548nexus_7000_4-slotnexus_7700_6-slotnexus_3132qnexus_3016nexus_9372pxnexus_5696qnexus_92304qcnexus_92160yc-xnexus_7700_10-slotnexus_9500nexus_3048nexus_9372tx-enexus_9504nexus_6001nexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlnexus_9396txnexus_7000_10-slotnexus_7000nexus_92300ycnexus_3064nexus_3232cnexus_5548upnexus_9396pxnexus_5596tnexus_3264c-enexus_7700_2-slotnexus_93240yc-fx2nexus_9372txnexus_5624qnexus_3548-xnexus_6004xnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_7000_18-slotnexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS Software 5.0(3)A1(1)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-12645
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 10.34%
||
7 Day CHG~0.00%
Published-05 Sep, 2019 | 01:20
Updated-20 Nov, 2024 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Jabber Client Framework for Mac Code Execution Vulnerability

A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software. An attacker could exploit this vulnerability by authenticating to the affected device and executing arbitrary code or potentially modifying certain configuration files. A successful exploit could allow the attacker to execute arbitrary code or modify certain configuration files on the device using the privileges of the installed Cisco JCF for Mac Software.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-jabberCisco Jabber for Mac
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found