Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-20260

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-17 Jan, 2024 | 16:57
Updated At-13 Nov, 2024 | 19:51
Rejected At-
Credits

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:17 Jan, 2024 | 16:57
Updated At:13 Nov, 2024 | 19:51
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Prime Infrastructure
Versions
Affected
  • 2.0.0
  • 2.0.10
  • 2.0.39
  • 2.1.0
  • 2.1.1
  • 2.1.2
  • 2.1.56
  • 2.2.0
  • 2.2.1
  • 2.2.2
  • 2.2.3
  • 2.2.10
  • 2.2.8
  • 2.2.4
  • 2.2.7
  • 2.2.5
  • 2.2.9
  • 2.2.1 Update 01
  • 2.2.2 Update 03
  • 2.2.2 Update 04
  • 2.2.3 Update 02
  • 2.2.3 Update 03
  • 2.2.3 Update 04
  • 2.2.3 Update 05
  • 2.2.3 Update 06
  • 3.0.0
  • 3.0.1
  • 3.0.2
  • 3.0.3
  • 3.0.4
  • 3.0.6
  • 3.0.5
  • 3.0.7
  • 3.1.0
  • 3.1.1
  • 3.1.7
  • 3.1.5
  • 3.1.2
  • 3.1.3
  • 3.1.4
  • 3.1.6
  • 3.2.2
  • 3.2.0-FIPS
  • 3.2.1
  • 3.3.0
  • 3.3.1
  • 3.3.0 Update 01
  • 3.4.0
  • 3.4.1
  • 3.4.2
  • 3.4.1 Update 01
  • 3.4.1 Update 02
  • 3.4.2 Update 01
  • 3.5.0
  • 3.5.1
  • 3.5.0 Update 01
  • 3.5.0 Update 02
  • 3.5.0 Update 03
  • 3.5.1 Update 01
  • 3.5.1 Update 02
  • 3.5.1 Update 03
  • 3.6.0
  • 3.6.0 Update 01
  • 3.6.0 Update 02
  • 3.6.0 Update 03
  • 3.6.0 Update 04
  • 2.1
  • 2.2
  • 3.2
  • 3.4_DP1
  • 3.4_DP3
  • 3.4_DP2
  • 3.5_DP1
  • 3.4_DP7
  • 3.4_DP10
  • 3.4_DP5
  • 3.1_DP15
  • 3.4_DP11
  • 3.4_DP8
  • 3.7_DP1
  • 3.3_DP4
  • 3.10_DP1
  • 3.8_DP1
  • 3.7_DP2
  • 3.6_DP1
  • 3.1_DP16
  • 3.5_DP4
  • 3.3_DP3
  • 3.2_DP2
  • 3.4_DP4
  • 3.1_DP14
  • 3.1_DP6
  • 3.1_DP9
  • 3.4_DP6
  • 3.2_DP3
  • 3.4_DP9
  • 3.3_DP2
  • 3.2_DP1
  • 3.1_DP10
  • 3.9_DP1
  • 3.3_DP1
  • 3.1_DP13
  • 3.5_DP2
  • 3.1_DP12
  • 3.1_DP4
  • 3.5_DP3
  • 3.1_DP8
  • 3.1_DP7
  • 3.2_DP4
  • 3.1_DP11
  • 3.1_DP5
  • 3.7.0
  • 3.7.1
  • 3.7.1 Update 04
  • 3.7.1 Update 06
  • 3.7.1 Update 07
  • 3.7.1 Update 03
  • 3.7.0 Update 03
  • 3.7.1 Update 01
  • 3.7.1 Update 02
  • 3.7.1 Update 05
  • 3.8.0
  • 3.8.1
  • 3.8.1 Update 02
  • 3.8.1 Update 04
  • 3.8.1 Update 01
  • 3.8.1 Update 03
  • 3.8.0 Update 01
  • 3.8.0 Update 02
  • 3.9.0
  • 3.9.1
  • 3.9.1 Update 02
  • 3.9.1 Update 03
  • 3.9.1 Update 01
  • 3.9.1 Update 04
  • 3.9.0 Update 01
  • 3.10.0
  • 3.10.3
  • 3.10.1
  • 3.10.2
  • 3.10 Update 01
  • 3.10.4
  • 3.10.4 Update 01
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Evolved Programmable Network Manager (EPNM)
Versions
Affected
  • 1.2.6
  • 1.2.2
  • 1.2.3
  • 1.2.5
  • 1.2.1.2
  • 1.2.4
  • 1.2.7
  • 1.2
  • 1.2.2.4
  • 1.2.4.2
  • 2.0.2
  • 2.0.4
  • 2.0.3
  • 2.0.1
  • 2.0
  • 2.0.1.1
  • 2.0.2.1
  • 2.0.4.1
  • 2.0.4.2
  • 2.1.2
  • 2.1.3
  • 2.1.1
  • 2.1
  • 2.1.1.1
  • 2.1.1.3
  • 2.1.1.4
  • 2.1.2.2
  • 2.1.2.3
  • 2.1.3.2
  • 2.1.3.3
  • 2.1.3.4
  • 2.1.3.5
  • 2.1.4
  • 2.2.1
  • 2.2
  • 2.2.1.1
  • 2.2.1.2
  • 2.2.1.3
  • 2.2.1.4
  • 2.2.3
  • 2.2.4
  • 2.2.5
  • 3.0.1
  • 3.0.2
  • 3.0.3
  • 3.0
  • 3.1.1
  • 3.1.2
  • 3.1.3
  • 3.1
  • 4.1.1
  • 4.1
  • 4.1.1.1
  • 4.1.1.2
  • 4.0.3
  • 4.0.1
  • 4.0.2
  • 4.0
  • 4.0.3.1
  • 5.0.1
  • 5.0.2
  • 5.0.2.5
  • 5.0.2.3
  • 5.0.2.4
  • 5.0.2.1
  • 5.0.2.2
  • 5.0
  • 5.0.2.6
  • 5.1.1
  • 5.1.2
  • 5.1.3
  • 5.1.4
  • 5.1.4.2
  • 5.1.4.1
  • 5.1.4.3
  • 5.1
  • 5.1.3.1
  • 5.1.3.2
  • 5.1.4.4
  • 7.0.0
  • 6.0.0
  • 6.0.2
  • 6.0.1
  • 6.0.2.1
  • 6.0.1.1
  • 6.0.3
  • 6.0.3.1
  • 6.1.1
  • 6.1.1.1
  • 6.1
  • 6.1.2
  • 6.1.1.2.2
Problem Types
TypeCWE IDDescription
cweCWE-284Improper Access Control
Type: cwe
CWE ID: CWE-284
Description: Improper Access Control
Metrics
VersionBase scoreBase severityVector
3.16.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:17 Jan, 2024 | 17:15
Updated At:02 Feb, 2024 | 16:15

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>evolved_programmable_network_manager>>Versions before 7.1.1(exclusive)
cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>Versions before 3.10.4(exclusive)
cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.10.4
cpe:2.3:a:cisco:prime_infrastructure:3.10.4:-:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.10.4
cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update_1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-88Primarynvd@nist.gov
CWE-284Secondaryykramarz@cisco.com
CWE ID: CWE-88
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeqykramarz@cisco.com
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

395Records found
CVE-2026-20044
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.01% / 0.32%
||
7 Day CHG~0.00%
Published-04 Mar, 2026 | 17:17
Updated-05 Mar, 2026 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Secure Firewall Management Center Command Injection Vulnerability

A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, local attacker to perform arbitrary commands as root. This vulnerability is due to insufficient restrictions on remediation modules while in lockdown mode. An attacker could exploit this vulnerability by sending crafted input to the system CLI of the affected device. A successful exploit could allow the attacker to run arbitrary commands or code as root, even when the system is in lockdown mode. To exploit this vulnerability, the attacker must have valid administrative credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Secure Firewall Management Center (FMC)
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-20136
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.04% / 13.52%
||
7 Day CHG~0.00%
Published-15 Apr, 2026 | 16:11
Updated-17 Apr, 2026 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. This vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by providing crafted input to a specific CLI command. A successful exploit could allow the attacker to elevate their privileges to root on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Identity Services Engine Software
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2026-20099
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-25 Feb, 2026 | 16:25
Updated-27 Feb, 2026 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco UCS Manager and FXOS Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root.  This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Firepower Extensible Operating System (FXOS)Cisco Secure Firewall Adaptive Security Appliance (ASA) SoftwareCisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0324
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.20% / 42.00%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 03:00
Updated-29 Nov, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-network_functions_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0481
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.80%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Command Injection Vulnerabilities

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, failing to prevent access to certain internal data structures on an affected device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain custom arguments. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0224
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.07%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-02 Dec, 2024 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by authenticating to an affected system and injecting malicious arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. Cisco Bug IDs: CSCvg38807.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-starosasr_5000asr_5500asr_5700Cisco StarOS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1972
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.25%
||
7 Day CHG~0.00%
Published-08 Aug, 2019 | 07:35
Updated-20 Nov, 2024 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Privilege Escalation Vulnerability

A vulnerability the Cisco Enterprise NFV Infrastructure Software (NFVIS) restricted CLI could allow an authenticated, local attacker with valid administrator-level credentials to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions during the execution of an affected command. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_function_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-264
Not Available
CVE-2019-1768
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.21% / 44.01%
||
7 Day CHG~0.00%
Published-16 May, 2019 | 01:25
Updated-20 Nov, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability

A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txnexus_93128txnexus_9336pq_aci_spinenexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cnexus_3164qnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3132c-znexus_3524-xnexus_31108tc-vnexus_9348gc-fxpnexus_3172nexus_9272qnexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_93180yc-fxnexus_3264qnexus_3432d-snexus_34180ycnexus_9000vnexus_31108pc-vnexus_3524nexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_92304qcnexus_92160yc-xnexus_9504nexus_3048nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlnexus_9396txnexus_92300ycnexus_3064nexus_3232cnexus_9396pxnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlCisco NX-OS Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1775
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 28.46%
||
7 Day CHG~0.00%
Published-15 May, 2019 | 19:30
Updated-20 Nov, 2024 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_56128pnx-osnexus_3636c-r9736pqnexus_7700_supervisor_3en9k-x9732c-fxn9k-c9504-fm-rmds_9506mds_9250inexus_3132q-vnexus_9332cnexus_5020nexus_9336c-fx2x9636q-rnexus_31108tc-vnexus_9348gc-fxpmds_9718mds_9148snexus_9500_supervisor_b\+n7k-f306ck-25mds_9513mds_9148tnexus_93180yc-fxmds_9132tnexus_3432d-sn7k-m348xp-25ln9k-x9736c-fxn9k-x9736c-exmds_92167700_6-slotnexus_7000_supervisor_1nexus_3548-x\/xlmds_9216ax96136yc-rn77-f348xp-23nexus_9500_supervisor_b7000_18-slotnexus_3048nexus_93360yc-fx2n7k-f312fq-25mds_9396tmds_9396sn77-m312cq-26lnexus_5548upn9k-x9788tc-fxn9k-x9564txnexus_7000_supervisor_2ex9636c-rxn77-f430cq-36n9k-x9464pxmds_9216inexus_5596tnexus_3132q-x\/3132q-xlnexus_5624q9636pqn9k-x9432c-snexus_93600cd-gxnexus_3408-sn9k-x9636c-rnexus_93108tc-exnexus_9508nexus_93120tx7000_10-slotnexus_9316d-gxnexus_7000_supervisor_2nexus_3524-x\/xlnexus_6004n9k-x9464tx2n7k-f248xp-25en9k-x96136yc-rn77-f324fq-25nexus_31128pqn9k-x9636q-rnexus_9364cnexus_3164qnexus_7700_supervisor_2e7700_2-slotnexus_3132c-znexus_3172pq\/pq-xlnexus_5548pnexus_5648q9536pqn9k-x9732c-exnexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_5672upn77-f312ck-26nexus_3264qnexus_34180ycmds_9509nexus_31108pc-vn9k-x9636c-rxmds_9706nexus_9500_supervisor_a\+7000_4-slotnexus_5596upn7k-m206fq-23ln9k-x97160yc-exnexus_5696qnexus_92160yc-xnexus_9504n77-m324fq-25lnexus_6001nexus_93108tc-fxn7k-m202cf-22ln9k-c9508-fm-rnexus_9500_supervisor_a7000_9-slotnexus_92300ycx9636c-rnexus_3232cn7k-m324fq-25lmds_9222inexus_50107700_10-slotn77-m348xp-23l7700_18-slot9432pqnexus_3264c-enexus_93240yc-fx2mds_9710nexus_3172tq-xlnexus_93180yc-exn9k-x9564pxnexus_9516n7k-m224xp-23lnexus_5672up-16gCisco NX-OS Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1839
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.79%
||
7 Day CHG-0.00%
Published-21 Aug, 2019 | 18:10
Updated-20 Nov, 2024 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Remote PHY Device Software Command Injection Vulnerability

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying various CLI commands with crafted arguments. A successful exploit could allow the attacker to run arbitrary commands as the root user, allowing complete compromise of the system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-cbr-8_firmwareremote_phy_120remote_phy_120_firmwareremote_phy_shelf_7200_firmwareremote_phy_220_firmwarecbr-8remote_phy_220remote_phy_shelf_7200Cisco Remote PHY
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-15997
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.18%
||
7 Day CHG~0.00%
Published-26 Nov, 2019 | 03:41
Updated-20 Nov, 2024 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco DNA Spaces: Connector Command Injection Vulnerability

A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command. An attacker could exploit this vulnerability by including malicious input during the execution of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-dna_spaces\Cisco DNA Spaces
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1829
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.34% / 57.24%
||
7 Day CHG~0.00%
Published-18 Apr, 2019 | 01:15
Updated-20 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Series Access Points Command Injection Vulnerability

A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due to improper validation of user-supplied input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input for a CLI command. A successful exploit could allow the attacker to obtain access to the underlying Linux OS without proper authentication.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1562iaironet_1542daironet_1850eaironet_1562eaironet_1850iaironet_2800iaironet_1542iaironet_1562daironet_3800eaironet_3800paironet_2800eaironet_access_point_firmwareaironet_1800iaironet_3800iCisco Aironet Access Point Software
CWE ID-CWE-16
Not Available
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15368
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.29%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperly sanitizing command arguments to prevent modifications to the underlying Linux filesystem on a device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit this vulnerability on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-12649
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.70%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 20:05
Updated-20 Nov, 2024 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability exists because, under certain circumstances, an affected device can be configured to not verify the digital signatures of system image files during the boot process. An attacker could exploit this vulnerability by abusing a specific feature that is part of the device boot process. A successful exploit could allow the attacker to install and boot a malicious software image or execute unsigned binaries on the targeted device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_3850-24xs-ecatalyst_3850-32xs-ecatalyst_3850-12s-scatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-ecatalyst_3850-24u-lcatalyst_3850-24p-scatalyst_9300l-24t-4g-acatalyst_3850-16xs-scatalyst_3850-48f-scatalyst_3850-24u-scatalyst_3850-48pw-scatalyst_9300l-24t-4x-acatalyst_c3850-12x48u-lcatalyst_9300l-24t-4x-ecatalyst_9300-48un-ecatalyst_9300-48p-acatalyst_9300-24s-acatalyst_9300l-24p-4g-ecatalyst_3850-48f-ecatalyst_9300l-48t-4x-acatalyst_3850-48u-lcatalyst_9300l-24p-4g-acatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_9300-24p-acatalyst_3850-32xs-scatalyst_9300-24t-ecatalyst_9300l-24t-4g-ecatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_3850-48xs-ecatalyst_3850-24s-scatalyst_9300-48s-ecatalyst_9300-24u-acatalyst_3850-48t-scatalyst_9300-48p-ecatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_9300lcatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9300-48t-ecatalyst_9300-24u-ecatalyst_3850-24xu-ecatalyst_3850-48p-scatalyst_9300l-48p-4g-acatalyst_9300-48un-acatalyst_3850-48u-scatalyst_9300l-48t-4g-acatalyst_3850-16xs-eioscatalyst_9300-24p-ecatalyst_3850-48xs-f-ecatalyst_9300-48uxm-ecatalyst_9300-48t-acatalyst_3850-48p-ecatalyst_9300l-48t-4x-ecatalyst_3850-12s-ecatalyst_9300l-48p-4x-ecatalyst_3850-24p-lcatalyst_3850-48t-lcatalyst_3850-24t-ecatalyst_c3850-12x48u-ecatalyst_3850-24xs-scatalyst_9300l-48p-4x-acatalyst_9300-24s-ecatalyst_9300-48u-ecatalyst_9300-48u-acatalyst_9300-48s-acatalyst_3850-12xs-ecatalyst_3850-24u-ecatalyst_3850-48xs-sios_xecatalyst_3850-48p-lcatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300catalyst_3850-48t-ecatalyst_3850-24xu-scatalyst_9300-24ux-ecatalyst_c3850-12x48u-sCisco IOS XE Software 3.2.11aSG
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2019-12662
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.96%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 20:16
Updated-20 Nov, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_34200yc-smnexus_56128pnexus_3172tqnx-osnexus_3548-x_firmwarenexus_93128txnexus_9336pq_aci_spinenexus_3172tq_firmwarenexus_3172pq-xl_firmwarenexus_3064-t_firmwarenexus_3524-x_firmwarenexus_9332cnexus_3132q-vnexus_7000_9-slotnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xnexus_31108tc-vnexus_9348gc-fxpnexus_3172nexus_7000_10-slot_firmwarenexus_9272qnexus_56128p_firmwarenexus_93180yc-fxnexus_3548_firmwarenexus_3432d-snexus_3264q_firmwarenexus_3524nexus_7000_4-slotnexus_7700_6-slotnexus_5548p_firmwarenexus_3016nexus_92304qcnexus_5596t_firmwarenexus_7000_9-slot_firmwarenexus_3048nexus_9372tx-enexus_93360yc-fx2nexus_3524-xlnexus_5548up_firmwarenexus_9396txnexus_3432d-s_firmwarenexus_7000_10-slotnexus_3064nexus_7700_18-slot_firmwarenexus_3132q-v_firmwarenexus_5548upnexus_9396pxnexus_5672up_firmwarenexus_5596tnexus_7700_2-slotnexus_9372txnexus_5624qnexus_3264c-e_firmwarenexus_3064-tnexus_3132q-xl_firmwarenexus_3408-snexus_9372px-enexus_7000_18-slotnexus_5596up_firmwarenexus_6004_firmwarenexus_9332pqnexus_93108tc-exnexus_9508nexus_93120txnexus_31108tc-v_firmwarenexus_6004nexus_7700_6-slot_firmwarenexus_3132q_firmwarenexus_3548-xlnexus_31128pqnexus_9364cnexus_3164qnexus_3408-s_firmwarenexus_3132c-znexus_5548pnexus_5648qmds_9000nexus_34180yc_firmwarenexus_3464cnexus_93216tc-fx2nexus_3048_firmwarenexus_31128pq_firmwarenexus_3164q_firmwarenexus_5672upnexus_3524-xl_firmwarenexus_3264qnexus_7700_2-slot_firmwarenexus_34180ycnexus_3232c_firmwarenexus_9000vnexus_31108pc-vnexus_5624q_firmwarenexus_7700_18-slotnexus_5596upnexus_5696q_firmwarenexus_34200yc-sm_firmwarenexus_3464c_firmwarenexus_3064_firmwarenexus_3172tq-32t_firmwarenexus_3548nexus_3132qnexus_5648q_firmwarenexus_9372pxnexus_3524_firmwarenexus_5696qnexus_92160yc-xnexus_31108pc-v_firmwarenexus_7700_10-slotnexus_9504nexus_6001nexus_3172_firmwarenexus_93108tc-fxnexus_7000_4-slot_firmwarenexus_92300ycnexus_3172tq-xl_firmwarenexus_3232cnexus_3548-xl_firmwarenexus_6001_firmwarenexus_3264c-enexus_93240yc-fx2nexus_7700_10-slot_firmwareios_xenexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_3132c-z_firmwarenexus_9236cnexus_9516nexus_3016_firmwarenexus_3172pq-xlnexus_7000_18-slot_firmwareCisco NX-OS Software 6.0(2)A1(1)
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2018-0217
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 39.96%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-02 Dec, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of commands that are supplied to certain configurations in the CLI of the affected operating system. An attacker could exploit this vulnerability by injecting crafted arguments into a vulnerable CLI command for an affected system. A successful exploit could allow the attacker to insert and execute arbitrary commands in the CLI of the affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvg29441.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_5700_firmwareasr_5500_firmwareasr_5000asr_5500asr_5000_firmwareasr_5700Cisco StarOS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0477
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.80%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Command Injection Vulnerabilities

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, failing to prevent access to certain internal data structures on an affected device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain custom arguments. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20370
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 5.16%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:29
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This vulnerability exists because certain system configurations and executable files have insecure storage and permissions. An attacker could exploit this vulnerability by authenticating on the device and then performing a series of steps that includes downloading malicious system files and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwarefirepower_threat_defense_softwareadaptive_security_appliance_software
CWE ID-CWE-264
Not Available
CVE-2024-20492
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.27% / 50.24%
||
7 Day CHG~0.00%
Published-02 Oct, 2024 | 16:55
Updated-08 Oct, 2024 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Expressway Series Privilege Escalation Vulnerability

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level credentials with read-write privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a series of crafted CLI commands. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of the affected device. Note: Cisco Expressway Series refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-telepresence_video_communication_serverCisco TelePresence Video Communication Server (VCS) Expresswaytelepresence_video_communication_server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-20411
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 13.85%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:27
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Bash Arbitrary Code Execution Vulnerability

A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device. This vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing a specific crafted command on the underlying operating system. A successful exploit could allow the attacker to execute arbitrary code with the privileges of root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS Softwarenx-os
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CVE-2024-20399
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.66% / 71.50%
||
7 Day CHG-0.11%
Published-01 Jul, 2024 | 16:11
Updated-28 Oct, 2025 | 13:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-07-23||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root. Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges: Nexus 3000 Series Switches Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later Nexus 9000 Series Switches in standalone NX-OS mode

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_9804nexus_7000mds_9216inexus_3132q-xlnexus_3172pq-xlnexus_9000_in_standalone_nx-os_modenexus_31108pv-vnexus_3100vnexus_9232enexus_5548pnexus_9236cnexus_9432pqnexus_93128nexus_9500_supervisor_b\+nexus_7700_supervisor_2enexus_7702nexus_3200nexus_9316d-gxnexus_93240tc-fx2nexus_9364d-gx2anexus_34200yc-smnexus_93180yc-fx-24nexus_9500_8-slotnexus_9396pxnexus_92348gc-xnexus_7000_supervisor_2enexus_9332pqnexus_9332d-h2rnexus_5548upnexus_9272qnexus_93108tc-fx-24nexus_5000nexus_3548-xnexus_9332cnexus_5696qnexus_9332d-gx2bnexus_3100-vnexus_9536pqmds_9396snexus_5672up-16gnexus_9504mds_9506nexus_93180yc-fxnexus_5020nexus_9500_supervisor_bnexus_93108tc-fx3hnexus_7700_10-slotnexus_9336c-fx2-enexus_9396txnexus_3132q-xmds_9500nexus_3524-x\/xlmds_9148nexus_93180lc-exnexus_7700_supervisor_3enexus_3500nexus_31108pc-vnexus_7700_6-slotnexus_3172tq-xlnexus_7000_supervisor_2nexus_9200nexus_93216tc-fx2nexus_9500_supervisor_anexus_9808nexus_5500nexus_9364c-gxnexus_9336pq_acinexus_3524-xlnexus_3264qnexus_3264c-enexus_3064-32tnexus_3400nexus_3172pq\/pq-xlnexus_56128pmds_9700mds_9148tnexus_3164qnexus_3132qnexus_9508nexus_3132q-vnexus_3064xnexus_92160yc-xnexus_93108tc-fx3pnexus_93180yc-fx3nexus_3548-xlnexus_31108tc-vmds_9706nexus_3000nexus_3100nexus_5596upnexus_93180tc-exnexus_9348gc-fxpnexus_93108tc-fxnexus_31128pqnexus_7700_18-slotnexus_7010mds_9148snexus_5672upnexus_3548mds_9216anexus_93108tc-exnexus_93180yc-exmds_9200nexus_92300ycnexus_5648qnexus_7018nexus_36180yc-rmds_9250inexus_3172nexus_93240yc-fx2nexus_3172pqnexus_3464cnexus_93180yc-ex-24nexus_7700nexus_7718nexus_9500_4-slotnexus_9000mds_9222inexus_7700_2-slotnexus_9500mds_9132tnexus_9000vnexus_3064-xnexus_9516nexus_7004nexus_3636c-rnexus_7000_4-slotnexus_9000_in_standalonenexus_92304qcnexus_9348d-gx2anexus_3600nexus_3524-xnexus_7009nexus_9221cnexus_9408nexus_9000_in_aci_modenexus_3172tq-32tnexus_7706nexus_9300nexus_7710nexus_9500rnexus_9348gc-fx3nexus_3232c_nexus_5624qnexus_9336pqnexus_3232nx-osnexus_9336c-fx2nexus_3100-zmds_9216nexus_7000_supervisor_1nexus_93180yc-fx3snexus_9736pqnexus_5600mds_9710mds_9140nexus_7000_18-slotmds_9513nexus_9372tx-enexus_9500_supervisor_a\+nexus_3524nexus_9372pxmds_9100nexus_3064tnexus_3408-snexus_93108tc-ex-24nexus_9636pqmds_9396tnexus_7000_9-slotnexus_3132c-znexus_7000_10-slotnexus_9372txnexus_93600cd-gxnexus_9800nexus_3132q-x\/3132q-xlmds_9000nexus_93180yc-fx3hnexus_3432d-snexus_5010mds_9134nexus_9500_16-slotnexus_93128txnexus_9200ycnexus_3048nexus_93120txmds_9718nexus_93360yc-fx2nexus_9372px-enexus_34180ycnexus_9716d-gxnexus_9336pq_aci_spinemds_9509nexus_3016qnexus_3232cnexus_3064-tnexus_3064nexus_3016nexus_9364cnexus_3548-x\/xlnexus_5596tnexus_3172tqCisco NX-OS Softwarenx-osNX-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20456
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.00%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 16:06
Updated-04 Aug, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device. This vulnerability is due to an error in the software build process. An attacker could exploit this vulnerability by manipulating the system’s configuration options to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass of the requirement to run Cisco signed images or alter the security properties of the running system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8201-32fh-oncs_540x-4z14g2q-ancs_540x-8z16g-sys-ancs_1010ncs_540-24q8l2dd-sysncs_540x-4z14g2q-d8122-64ehf-oncs_540-acc-sys8212-48fh-m8711-32fh-m8111-32eh-o8101-32fh-oncs_540-24q2c2dd-sysncs_540x-16z8q2c-d8808ncs_540-12z20g-sys-aios_xrncs_540-24z8q2c-sys870082028122-64eh-oncs_540-12z20g-sys-d8202-32fh-mncs_57b1-5dse-sys8608ncs_1014ncs_540-fh-csr-sysncs_540-28z4c-sys-ancs_540x-6z18g-sys-a8102-64h-oncs_57d2-18dd-sysncs_540x-16z4g8q2c-a8101-32h-oncs_540x-acc-sys88128404ncs_540-28z4c-sys-d8011-4g24y4h-i8101-32fhncs_540-6z14s-sys-dncs_540-6z18g-sys-dncs_57c1-48q6-sys8818ncs_540x-12z16g-sys-a8201-24h8fh8102-64h8501-sys-mtncs_540x-6z18g-sys-dncs_540-fh-agg88048201ncs_540-6z18g-sys-ancs_540x-16z4g8q2c-d8712-mod-m8102-28fh-dpu-o8201-32fhncs_540x-12z16g-sys-dncs_57b1-6d24-sysncs_540x-8z16g-sys-dCisco IOS XR Softwareios_xr_software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-20485
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.04% / 11.18%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:52
Updated-01 Nov, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a specific file when it is read from system flash memory. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defense_softwareadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwarefirepower_threat_defense_softwareadaptive_security_appliance_software
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-20306
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 7.19%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 16:58
Updated-30 Jul, 2025 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have level 15 privileges on the affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted CLI command to an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Softwareios_xe
CWE ID-CWE-233
Improper Handling of Parameters
CVE-2024-20413
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 14.00%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:27
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Bash Privilege Escalation Vulnerability

A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device. This vulnerability is due to insufficient security restrictions when executing application arguments from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to create new users with the privileges of network-admin.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS Softwarenx-os
CWE ID-CWE-862
Missing Authorization
CVE-2024-20358
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 19:38
Updated-04 Mar, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability exists because the contents of a backup file are improperly sanitized at restore time. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defense_softwareadaptive_security_appliance_softwareCisco Secure Firewall Adaptive Security Appliance (ASA) SoftwareCisco Secure Firewall Threat Defense (FTD) Softwareadaptive_security_appliance
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20461
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.11% / 29.73%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 16:16
Updated-22 Oct, 2024 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit this vulnerability by sending malicious characters to the CLI. A successful exploit could allow the attacker to read and write to the underlying operating system as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ata_192_firmwareata_191_firmwareata_192ata_191Cisco Analog Telephone Adaptor (ATA) Softwareata_190_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20359
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.14% / 33.62%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 18:16
Updated-28 Oct, 2025 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-05-01||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliance_softwarefirepower_threat_defenseCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwareasafirepower_threat_defense_softwareAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-20282
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.05% / 16.53%
||
7 Day CHG~0.00%
Published-03 Apr, 2024 | 16:20
Updated-07 May, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this vulnerability by using this token to access resources within the device infrastructure. A successful exploit could allow an attacker to gain root access to the filesystem or hosted containers on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboardCisco Nexus Dashboardnexus_dashboard
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-20908
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 7.70%
||
7 Day CHG~0.00%
Published-21 Jul, 2022 | 03:50
Updated-01 Nov, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus Dashboard Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboardCisco Nexus Dashboard
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20907
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 6.33%
||
7 Day CHG~0.00%
Published-21 Jul, 2022 | 03:50
Updated-01 Nov, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus Dashboard Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these vulnerabilities by authenticating as the rescue-user and executing vulnerable CLI commands using a malicious payload. A successful exploit could allow the attacker to elevate privileges to root on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboardCisco Nexus Dashboard
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-20727
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.53% / 67.80%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:20
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOx Application Hosting Environment Vulnerabilities

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosic3000_industrial_compute_gatewaycgr1000_compute_moduleir510_operating_systemCisco IOS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-20665
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 18:13
Updated-06 Nov, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco StarOS Command Injection Vulnerability

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-starosultra_cloud_coreasr_5500asr_5700Cisco ASR 5000 Series Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-3602
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.12% / 31.18%
||
7 Day CHG~0.00%
Published-08 Oct, 2020 | 04:21
Updated-13 Nov, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco StarOS Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-starosasr_5500asr_5700Cisco ASR 5000 Series Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3393
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.10% / 28.09%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:02
Updated-19 Dec, 2024 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software IOx Application Hosting Privilege Escalation Vulnerability

A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. The attacker could execute IOS XE commands outside the application-hosting subsystem Docker container as well as on the underlying Linux operating system. These commands could be run as the root user. The vulnerability is due to a combination of two factors: (a) incomplete input validation of the user payload of CLI commands, and (b) improper role-based access control (RBAC) when commands are issued at the command line within the application-hosting subsystem. An attacker could exploit this vulnerability by using a CLI command with crafted user input. A successful exploit could allow the lower-privileged attacker to execute arbitrary CLI commands with root privileges. The attacker would need valid user credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4x1100-6g_integrated_services_routercatalyst_c9407rcatalyst_c9300-48pws-c3650-24td4331_integrated_services_routercatalyst_c9500-16x4461_integrated_services_routercatalyst_c9200-24pasr_1000-xws-c3850catalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4g111x_integrated_services_routercatalyst_9800-lasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gws-c3650-24psasr1001-hxcatalyst_9800-clws-c3650-48tqcatalyst_c9200l-48p-4gws-c3650-12x48uzws-c3850-48xs1160_integrated_services_routercatalyst_c9300l-24t-4g1100-lte_integrated_services_routercatalyst_c9200l-24pxg-2yws-c3850-24ucatalyst_9800-801109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gws-c3650-48pd1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_c9300-48uxmcatalyst_9800-401101-4p_integrated_services_router1100-4p_integrated_services_routercatalyst_c9500-40xasr_1006ws-c3850-24xsasr1002-hx-wscatalyst_c9200-24tws-c3650-24pdm1101_integrated_services_router1100-4gltegb_integrated_services_router4451_integrated_services_routerws-c3650-48fqmws-c3850-48tcatalyst_c9200l-48p-4xcatalyst_c9410rcatalyst_c9300-24pasr1001-hx-rfws-c3650-24pdws-c3650-48fsws-c3850-48pws-c3850-24pcatalyst_c9300-48u1100-4gltena_integrated_services_router1100_integrated_services_routerws-c3650-8x24uqcatalyst_9800-l-cws-c3650-48tscatalyst_c9300-48tcatalyst_c9500-12qcatalyst_c9500-24qws-c3650-12x48urcatalyst_c9200-48tcatalyst_c9300-24sasr1002-x-rfws-c3650-12x48uqws-c3650-48tdasr_1001asr1002-hx4221_integrated_services_routercatalyst_c9404rws-c3850-12x48ucatalyst_c9300-24ucatalyst_c9200l-48t-4xws-c3650-48fdasr1002-x-wscatalyst_c9500-32casr_1002-xcatalyst_c9300l-24p-4gws-c3850-12scatalyst_c9500-32qcasr1002-hx-rfws-c3850-48ucatalyst_c9200l-24p-4gcatalyst_c9300-48sws-c3650-48fqws-c3850-48fws-c3850-24xucatalyst_c9300l-48t-4xws-c3650-48ps1109-2p_integrated_services_routerws-c3850-24tasr_1002catalyst_c9300l-24t-4xcatalyst_9800-l-fws-c3650-24tsasr_1004catalyst_c9200-48p1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4xasr1001-x-rfws-c3650-48pqcatalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xasr1001-x-wscsr_1000vios_xecatalyst_c9300l-48t-4g1111x-8p_integrated_services_routercatalyst_c9500-48y4c1100-8p_integrated_services_routerws-c3850-24s1109-4p_integrated_services_routercatalyst_c9300-24uxasr_1001-xws-c3850-12xsCisco IOS XE Software
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-20
Improper Input Validation
CVE-2024-20469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.12% / 30.60%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 16:28
Updated-25 Sep, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerability

A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid Administrator privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Softwareidentity_services_engine_software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20167
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.28% / 51.88%
||
7 Day CHG-0.28%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-24
Path Traversal: '../filedir'
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-20339
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.03% / 9.98%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 16:40
Updated-24 Sep, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vEdge Software Access Control List Bypass Vulnerability

A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the improper enforcement of the implicit deny all at the end of a configured ACL. An attacker could exploit this vulnerability by attempting to send unauthorized traffic to an interface on an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco SD-WAN vEdge CloudCisco SD-WAN vEdge Router
CWE ID-CWE-284
Improper Access Control
CVE-2021-1389
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.38% / 59.95%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:40
Updated-08 Nov, 2024 | 23:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR and Cisco NX-OS Software IPv6 Access Control List Bypass Vulnerability

A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to improper processing of IPv6 traffic that is sent through an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 packets that traverse the affected device. A successful exploit could allow the attacker to access resources that would typically be protected by the interface ACL.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ncs_5502-sencs_5508ncs_5501ncs_540ncs_560nx-osncs_5516nexus_9500_rnexus_3600ios_xrncs_5502ncs_5501-seCisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
CVE-2025-20190
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 22.69%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:34
Updated-31 Jul, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device. This vulnerability is due to insufficient access control of actions executed by lobby ambassador users. An attacker could exploit this vulnerability by logging in to an affected device with a lobby ambassador user account and sending crafted HTTP requests to the API. A successful exploit could allow the attacker to delete arbitrary user accounts on the device, including users with administrative privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a lobby ambassador account. This account is not configured by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9130axecatalyst_9800-40catalyst_9120axpcatalyst_cw9800h2catalyst_9800-80catalyst_9800-lcatalyst_cw9800mcatalyst_9130axicatalyst_9800-cl_wireless_controllers_for_cloudcatalyst_9115axicatalyst_9117axicatalyst_9120axecatalyst_9105axicatalyst_cw9800h1catalyst_9115axecatalyst_9120axiCisco IOS XE Software
CWE ID-CWE-284
Improper Access Control
CVE-2025-20153
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.13% / 32.44%
||
7 Day CHG~0.00%
Published-19 Feb, 2025 | 16:06
Updated-31 Jul, 2025 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco ESA mail Bypass

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.   This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_email_gatewayCisco Secure Email
CWE ID-CWE-284
Improper Access Control
CVE-2025-20335
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 15.50%
||
7 Day CHG~0.00%
Published-03 Sep, 2025 | 17:41
Updated-05 Jan, 2026 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write Vulnerability

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to perform arbitrary file writes to specific directories in the underlying operating system. Note: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-desk_phone_9871ip_phone_7821ip_phone_8861_firmwareip_phone_7841ip_phone_7821_firmwareip_phone_8851nr_firmwareip_phone_7841_firmwaredesk_phone_9841ip_phone_8851_firmwareip_phone_7811_firmwareip_phone_8841ip_phone_8865_firmwaredesk_phone_9861desk_phone_9851_firmwaredesk_phone_9851desk_phone_9841_firmwareip_phone_8861ip_phone_7811ip_phone_8845ip_phone_7861ip_phone_7861_firmwareip_phone_8851ip_phone_8841_firmwareip_phone_8845_firmwareip_phone_8811video_phone_8875ip_phone_8865desk_phone_9871_firmwaredesk_phone_9861_firmwareip_phone_8811_firmwareip_phone_8851nrip_phone_8821_firmwarevideo_phone_8875_firmwareip_phone_8821Cisco Session Initiation Protocol (SIP) Software
CWE ID-CWE-284
Improper Access Control
CVE-2025-20316
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 9.98%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 17:16
Updated-26 Sep, 2025 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL on an affected device. This vulnerability is due to the flooding of traffic from an unlearned MAC address on a switch virtual interface (SVI) that has an egress ACL applied. An attacker could exploit this vulnerability by causing the VLAN to flush its MAC address table. This condition can also occur if the MAC address table is full. A successful exploit could allow the attacker to bypass an egress ACL on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XE Software
CWE ID-CWE-284
Improper Access Control
CVE-2025-20242
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.62%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 16:35
Updated-11 Jul, 2025 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE) could allow an unauthenticated, remote attacker to read and modify data on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port on an affected device. A successful exploit could allow the attacker to read or modify data on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_contact_center_enterpriseCisco Unified Contact Center Enterprise
CWE ID-CWE-284
Improper Access Control
CVE-2025-20159
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 13.78%
||
7 Day CHG~0.00%
Published-10 Sep, 2025 | 16:06
Updated-11 Sep, 2025 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Management Interface ACL Bypass Vulnerability

A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH, NetConf, and gRPC features. This vulnerability exists because management interface ACLs have not been supported on Cisco IOS XR Software Packet I/O infrastructure platforms for Linux-handled features such as SSH, NetConf, or gRPC. An attacker could exploit this vulnerability by attempting to send traffic to an affected device. A successful exploit could allow the attacker to bypass an ingress ACL that is applied on the management interface of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
CVE-2025-20341
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.26% / 49.96%
||
7 Day CHG+0.01%
Published-13 Nov, 2025 | 16:18
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst Center Privilege Escalation Vulnerability

A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges on an affected system. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Digital Network Architecture Center (DNA Center)
CWE ID-CWE-284
Improper Access Control
CVE-2025-20219
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 13.78%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 16:28
Updated-15 Aug, 2025 | 13:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Bypass Vulnerability

A vulnerability in the implementation of access control rules for loopback interfaces in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should have been blocked to a loopback interface. This vulnerability is due to improper enforcement of access control rules for loopback interfaces. An attacker could exploit this vulnerability by sending traffic to a loopback interface on an affected device. A successful exploit could allow the attacker to bypass configured access control rules and send traffic that should have been blocked to a loopback interface on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Adaptive Security Appliance (ASA) SoftwareCisco Firepower Threat Defense Software
CWE ID-CWE-284
Improper Access Control
CVE-2025-20223
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.27% / 50.42%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:37
Updated-23 Jul, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_centerCisco Digital Network Architecture Center (DNA Center)
CWE ID-CWE-284
Improper Access Control
CVE-2025-20131
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 17.39%
||
7 Day CHG~0.00%
Published-20 Aug, 2025 | 16:26
Updated-22 Aug, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Arbitrary File Upload Vulnerability

A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload using the Cisco ISE GUI. A successful exploit could allow the attacker to upload arbitrary files to an affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Identity Services Engine Software
CWE ID-CWE-284
Improper Access Control
CVE-2025-20144
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4||MEDIUM
EPSS-0.03% / 7.68%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 16:12
Updated-04 Aug, 2025 | 12:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Access Control List Bypass Vulnerability

A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass a configured ACL on the affected device. For more information, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ncs_540x-4z14g2q-ancs_540x-8z16g-sys-ancs_540-24q8l2dd-sysncs_540x-4z14g2q-dncs_540-acc-sysncs_540-24q2c2dd-sysncs_540x-16z8q2c-dncs_57c3-mod-sysncs_540-12z20g-sys-aios_xrncs_540-24z8q2c-sysncs_5501-sencs_5508ncs_540-12z20g-sys-dncs_5502ncs_57b1-5dse-sysncs_540-fh-csr-sysncs_540-28z4c-sys-ancs_540x-6z18g-sys-ancs_57d2-18dd-sysncs_540x-16z4g8q2c-ancs_540x-acc-sysncs_5501ncs_540-28z4c-sys-dncs_540-6z18g-sys-dncs_540-6z14s-sys-dncs_57c1-48q6-sysncs_540x-12z16g-sys-ancs_560-7ncs_5502-sencs_540x-6z18g-sys-dncs_560-4ncs_5516ncs_540-fh-aggncs_540-6z18g-sys-ancs_540x-16z4g8q2c-dncs_540x-12z16g-sys-dncs_57b1-6d24-sysncs_540x-8z16g-sys-dCisco IOS XR Software
CWE ID-CWE-284
Improper Access Control
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • Next
Details not found