Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-20040

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-11 Mar, 2026 | 16:31
Updated At-12 Mar, 2026 | 03:55
Rejected At-
Credits

Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:11 Mar, 2026 | 16:31
Updated At:12 Mar, 2026 | 03:55
Rejected At:
â–¼CVE Numbering Authority (CNA)
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco IOS XR Software
Default Status
unknown
Versions
Affected
  • 6.5.3
  • 6.5.29
  • 6.5.1
  • 6.6.1
  • 6.5.2
  • 6.5.92
  • 6.5.15
  • 6.6.2
  • 7.0.1
  • 6.6.25
  • 6.5.26
  • 6.6.11
  • 6.5.25
  • 6.5.28
  • 6.5.93
  • 6.6.12
  • 6.5.90
  • 7.1.1
  • 7.0.90
  • 6.6.3
  • 6.7.1
  • 7.0.2
  • 7.1.15
  • 7.2.1
  • 7.1.2
  • 6.7.2
  • 7.0.11
  • 7.0.12
  • 7.0.14
  • 7.1.25
  • 6.6.4
  • 7.2.12
  • 7.3.1
  • 7.1.3
  • 6.7.3
  • 7.4.1
  • 7.2.2
  • 6.7.4
  • 6.5.31
  • 7.3.15
  • 7.3.16
  • 6.8.1
  • 7.4.15
  • 6.5.32
  • 7.3.2
  • 7.5.1
  • 7.4.16
  • 7.3.27
  • 7.6.1
  • 7.5.2
  • 7.8.1
  • 7.6.15
  • 7.5.12
  • 7.8.12
  • 7.3.3
  • 7.7.1
  • 6.8.2
  • 7.3.4
  • 7.4.2
  • 6.7.35
  • 6.9.1
  • 7.6.2
  • 7.5.3
  • 7.7.2
  • 6.9.2
  • 7.9.1
  • 7.10.1
  • 7.8.2
  • 7.5.4
  • 6.5.33
  • 7.8.22
  • 7.7.21
  • 7.9.2
  • 7.3.5
  • 7.5.5
  • 7.11.1
  • 7.9.21
  • 7.10.2
  • 24.1.1
  • 7.6.3
  • 7.3.6
  • 7.5.52
  • 7.11.2
  • 24.2.1
  • 24.1.2
  • 24.2.11
  • 24.3.1
  • 24.4.1
  • 24.2.2
  • 7.8.23
  • 7.11.21
  • 24.2.20
  • 24.3.2
  • 24.4.10
  • 6.5.35
  • 25.1.1
  • 24.4.2
  • 24.3.20
  • 24.4.15
  • 25.2.1
  • 6.5.351
  • 25.1.2
  • 24.3.30
  • 25.3.1
  • 6.5.352
  • 24.4.30
  • 24.2.21
  • 25.4.1
  • 25.2.2
  • 25.2.15
  • 7.2.0
  • 7.0.0
  • 25.2.30
  • 6.5.353
  • 25.1.30
  • 25.3.15
Problem Types
TypeCWE IDDescription
cweCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: cwe
CWE ID: CWE-78
Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4W
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4W
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:11 Mar, 2026 | 17:16
Updated At:12 Mar, 2026 | 21:08

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-78Primarypsirt@cisco.com
CWE ID: CWE-78
Type: Primary
Source: psirt@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4Wpsirt@cisco.com
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4W
Source: psirt@cisco.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

270Records found
CVE-2023-20175
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.61%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:13
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-20655
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.40% / 60.75%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 15:56
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco SD-WAN vEdge RouterCisco Ultra Gateway PlatformCisco IOS XE Catalyst SD-WANCisco Network Services OrchestratorCisco Carrier Packet TransportCisco Enterprise NFV Infrastructure SoftwareCisco Catalyst SD-WAN ManagerCisco IOS XR SoftwareCisco Virtual Topology System (VTS)Cisco Catalyst SD-WANvirtual_topology_systemnetwork_services_orchestratorsd-wan_vedge_routerenterprise_nfv_infrastructure_softwareios_xe_catalyst_sd-wanios_xr_softwarecarrier_packet_transportcatalyst_sd-wan_manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20138
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.25%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 16:12
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20398
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.24% / 46.61%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:38
Updated-03 Oct, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Local Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Softwareios_xr_software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20295
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.45% / 63.74%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 19:41
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Unified Computing System (Standalone)Cisco Unified Computing System E-Series Software (UCSE)unified_computing_system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20038
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.10%
||
7 Day CHG~0.00%
Published-19 Jan, 2023 | 01:34
Updated-28 Oct, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this vulnerability by gaining local access to the server Cisco Industrial Network Director is installed on. A successful exploit could allow the attacker to decrypt data allowing the attacker to access remote systems monitored by Cisco Industrial Network Director.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-industrial_network_directorCisco Industrial Network Director
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-3234
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.04%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:55
Updated-15 Nov, 2024 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials. The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through the device’s virtual console by using the static credentials. A successful exploit could allow the attacker to access the Linux shell of VDS as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios11201240829809Cisco IOS 12.2(60)EZ16
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-3115
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.10%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:31
Updated-15 Nov, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Local Privilege Escalation Vulnerability

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted file to the affected system. An exploit could allow the attacker to elevate privileges to root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100mvedge-5000vedge-100bvedge-2000sd-wan_firmwarevedge-100vedge-1000vedge_100wmCisco SD-WAN Solution
CWE ID-CWE-264
Not Available
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-20046
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.03% / 8.28%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 16:31
Updated-12 Mar, 2026 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker with a low-privileged account could exploit this vulnerability by using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on an affected device without authorization checks.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CVE-2024-20284
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.10%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-17 Oct, 2024 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2024-20285
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.10%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-22 Oct, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-653
Improper Isolation or Compartmentalization
CVE-2024-20286
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.10%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-22 Oct, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2024-20435
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.06%
||
7 Day CHG~0.00%
Published-17 Jul, 2024 | 16:27
Updated-08 Aug, 2025 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_web_appliance_virtual_s1000vsecure_web_appliance_virtual_s600vsecure_web_appliance_virtual_s300vasyncossecure_web_appliance_s196secure_web_appliance_s396secure_web_appliance_s696secure_web_appliance_virtual_s100vCisco Secure Web Appliancesecure_web_appliance
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2019-12675
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.2||HIGH
EPSS-0.03% / 9.25%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 19:06
Updated-20 Nov, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4145_firmwarefirepower_9300firepower_4150firepower_4110firepower_9300_firmwarefirepower_4125firepower_4125_firmwarefirepower_4140firepower_4115_firmwarefirepower_4150_firmwarefirepower_4120_firmwarefirepower_4145firepower_4120firepower_4140_firmwarefirepower_4110_firmwarefirepower_4115firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-216
DEPRECATED: Containment Errors (Container Errors)
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2023-20050
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 29.41%
||
7 Day CHG~0.00%
Published-23 Feb, 2023 | 00:00
Updated-25 Oct, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_34200yc-smnexus_56128pnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_3100-vnexus_6000nexus_3524-x\/xlnexus_6004mds_9140nexus_3100-zmds_9506mds_9250inexus_3548-xlnexus_3016qnexus_3132q-vnexus_31128pqnexus_6001pmds_9200nexus_3164qnexus_3172tq-32tnexus_3524-xnexus_3132c-znexus_31108tc-vnexus_3172pq\/pq-xlnexus_5548pnexus_5648qnexus_3172mds_9718mds_9000nexus_3464cmds_9700mds_9148smds_9513nexus_36180yc-rmds_9148tnexus_5500nexus_5672upmds_9132tnexus_1000_virtual_edgenexus_3264qnexus_3432d-snexus_7004nexus_34180ycnexus_9000vmds_9509nexus_31108pc-vmds_9706nexus_3064-32tnexus_5596upnexus_7009nexus_3524mds_9216nexus_3100vnexus_3548mds_9500nexus_3132qnexus_3548-x\/xlnexus_3016mds_9216anexus_7018nexus_5696qnexus_7710nexus_3064xnexus_3100nexus_9000mds_9100mds_9148nexus_3048nexus_31108pv-vnexus_6001nexus_3064tnexus_3524-xlmds_9396tnexus_3232c_nexus_7000nexus_7010mds_9396snexus_3064nexus_7706nexus_3172pqnexus_3064-xnexus_7718nexus_3500nexus_3232cnexus_5548upnexus_5600mds_9222inexus_1000vmds_9216inexus_5596tnexus_7702nexus_3264c-enexus_3132q-x\/3132q-xlnexus_5624qnexus_3548-xnexus_6004xnexus_3132q-xlnexus_3064-tmds_9710nexus_3172tq-xlnexus_6001tnexus_3408-snexus_3600mds_9134nexus_3172pq-xlnexus_7700nexus_5672up-16gnexus_3400Cisco NX-OS Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20013
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 24.67%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:01
Updated-21 Nov, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-intersight_private_virtual_applianceCisco Intersight Virtual Appliance
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-20193
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-07 Sep, 2023 | 19:29
Updated-23 Oct, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-20152
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG-0.10%
Published-05 Apr, 2023 | 00:00
Updated-06 Nov, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20231
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.64% / 70.50%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:19
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9300l-48t-4g-ecatalyst_9300l-48p-4g-ecatalyst_9105axwcatalyst_9500hcatalyst_9300l-24t-4g-acatalyst_9300l-24t-4x-acatalyst_9130axecatalyst_9300l_stackcatalyst_9300l-24t-4x-ecatalyst_9300-48un-ecatalyst_9800-l-ccatalyst_9300-48p-acatalyst_9300-24s-acatalyst_9300l-24p-4g-ecatalyst_9120axpcatalyst_9124axicatalyst_9300l-48t-4x-acatalyst_9115axicatalyst_9105axcatalyst_9117axicatalyst_9800-lcatalyst_9300l-24p-4g-acatalyst_9115axcatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_9300lmcatalyst_9300-24p-acatalyst_9500catalyst_9117axcatalyst_9300-24t-ecatalyst_9300l-24t-4g-ecatalyst_9300-48s-ecatalyst_9300-24u-acatalyst_9800-clcatalyst_9300-48p-ecatalyst_9407rcatalyst_9300lcatalyst_9300-24u-ecatalyst_9300-48t-ecatalyst_9300l-48p-4g-acatalyst_9300xcatalyst_9300-48un-acatalyst_9120axecatalyst_9300l-48t-4g-acatalyst_9300-24p-ecatalyst_9300-48uxm-ecatalyst_9300-48t-acatalyst_9800-l-fcatalyst_9800-80catalyst_9300l-48t-4x-ecatalyst_9300l-48p-4x-ecatalyst_9400catalyst_9130axicatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-24s-ecatalyst_9300-48u-ecatalyst_9300-48u-acatalyst_9120axcatalyst_9124axdcatalyst_9300-48s-acatalyst_9105axicatalyst_9120axiios_xecatalyst_9115axecatalyst_9130axcatalyst_9300l-24p-4x-acatalyst_9300-24t-acatalyst_9410rcatalyst_9300catalyst_9124axcatalyst_9300-24ux-eCisco IOS XE Softwareios_xe_software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20023
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20163
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.49% / 65.52%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20082
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.19% / 40.88%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to errors that occur when retrieving the public release key that is used for image signature verification. An attacker could exploit this vulnerability by modifying specific variables in the Serial Peripheral Interface (SPI) flash memory of an affected device. A successful exploit could allow the attacker to execute persistent code on the underlying operating system. Note: In Cisco IOS XE Software releases 16.11.1 and later, the complexity of an attack using this vulnerability is high. However, an attacker with level-15 privileges could easily downgrade the Cisco IOS XE Software on a device to a release that would lower the attack complexity.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9300-24u-ecatalyst_9300-48t-ecatalyst_9300l-48t-4g-ecatalyst_9300l-48p-4g-acatalyst_9300l-48p-4g-ecatalyst_9300-48un-acatalyst_9300xcatalyst_9300l-24t-4g-acatalyst_9300l-48t-4g-acatalyst_9300l-24t-4x-acatalyst_9300l_stackcatalyst_9300l-24t-4x-ecatalyst_9300-48un-ecatalyst_9300-24p-ecatalyst_9300-48p-acatalyst_9300-24s-acatalyst_9300-48t-acatalyst_9300-48uxm-ecatalyst_9300l-24p-4g-ecatalyst_9300l-48t-4x-ecatalyst_9300l-48t-4x-acatalyst_9300l-48p-4x-ecatalyst_9300l-24p-4g-acatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300l-48p-4x-acatalyst_9300-24s-ecatalyst_9300-48u-ecatalyst_9300-24ux-acatalyst_9300lmcatalyst_9300-24p-acatalyst_9300-48u-acatalyst_9300-48s-acatalyst_9300-24t-ecatalyst_9300l-24t-4g-eios_xecatalyst_9300l-24p-4x-acatalyst_9300-24t-acatalyst_9300-48s-ecatalyst_9300catalyst_9300-24u-acatalyst_9300lcatalyst_9300-48p-ecatalyst_9300-24ux-eCisco IOS XE ROMMON Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20122
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.27% / 50.57%
||
7 Day CHG+0.05%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20273
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-92.38% / 99.73%
||
7 Day CHG~0.00%
Published-24 Oct, 2023 | 14:13
Updated-28 Oct, 2025 | 13:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-27||Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_3850-48f-ecatalyst_3850-48t-lcatalyst_3650-48fq-scatalyst_3650-48pd-scatalyst_3650-48ps-ecatalyst_3850-12x48ucatalyst_3650-12x48uz-ecatalyst_3850-48xs-f-scatalyst_3650-12x48uq-scatalyst_3850-24xu-ecatalyst_3850-48xs-f-ecatalyst_3850-nm-2-40gcatalyst_3650-8x24pd-scatalyst_3650-48fqm-scatalyst_3650-48ps-lcatalyst_3850-12xs-ecatalyst_3650-48fd-ecatalyst_3650-48ts-lcatalyst_3650-24ts-ecatalyst_3650-24pd-scatalyst_3650-24td-scatalyst_3650-12x48uz-lcatalyst_3650-48fqm-lcatalyst_3650-8x24uq-scatalyst_3650-48pd-ecatalyst_3650-24td-ecatalyst_3650-24pdcatalyst_3850-16xs-scatalyst_3850-24p-ecatalyst_3650catalyst_3650-48pd-lcatalyst_3850-24p-lcatalyst_3850-48t-scatalyst_3650-12x48uq-ecatalyst_3650-48td-lcatalyst_3850-48u-lcatalyst_3650-48tq-lcatalyst_3850-nm-8-10gcatalyst_3650-48fd-lcatalyst_3650-24ps-lcatalyst_3650-48fs-ecatalyst_3650-48tq-ecatalyst_3850-48f-scatalyst_3650-48pq-scatalyst_3850-48u-ecatalyst_3650-48td-ecatalyst_3650-12x48urcatalyst_3850-32xs-ecatalyst_3850-48p-scatalyst_3650-48td-scatalyst_3850-24pw-scatalyst_3850-24xucatalyst_3650-48fs-scatalyst_3650-12x48uq-lcatalyst_3850-48ucatalyst_3650-24pdm-scatalyst_3650-12x48ur-lcatalyst_3850-24xs-ecatalyst_3850-48xs-ecatalyst_3650-24td-lcatalyst_3650-24ps-ecatalyst_3850-24u-lcatalyst_3850-48u-scatalyst_3850-48xscatalyst_3850-32xs-scatalyst_3650-24pdm-lcatalyst_3850-24xu-scatalyst_3650-12x48fd-lcatalyst_3650-48fs-lcatalyst_3650-8x24uqcatalyst_3650-24pd-lcatalyst_3650-8x24uq-ecatalyst_3850-48p-lcatalyst_3650-48fq-lcatalyst_3650-48fq-ecatalyst_3650-12x48fd-scatalyst_3650-12x48uz-scatalyst_3650-24pd-ecatalyst_3650-24pdmcatalyst_3850-24t-lcatalyst_3850-48f-lcatalyst_3850-48pw-scatalyst_3850-48t-ecatalyst_3850-12s-scatalyst_3850-24xs-scatalyst_3850-24xscatalyst_3650-48tq-scatalyst_3650-24ps-scatalyst_3650-48fqcatalyst_3650-8x24pd-ecatalyst_3650-48pq-lcatalyst_3650-48ts-ecatalyst_3650-48fqmcatalyst_3850-24p-scatalyst_3850-24ucatalyst_3850-48p-ecatalyst_3650-12x48uqcatalyst_3850-48xs-scatalyst_3650-48ts-scatalyst_3850-12xs-scatalyst_3850-24t-ecatalyst_3850-24s-ecatalyst_3650-8x24pd-lcatalyst_3650-24pdm-ecatalyst_3650-24ts-lcatalyst_3650-48fqm-ecatalyst_3650-12x48fd-eios_xecatalyst_3850-24u-ecatalyst_3650-48pq-ecatalyst_3850-12s-ecatalyst_3650-24ts-scatalyst_3650-12x48uzcatalyst_3650-12x48ur-scatalyst_3650-48fd-scatalyst_3650-48ps-scatalyst_3850-16xs-ecatalyst_3850catalyst_3650-8x24uq-lcatalyst_3650-12x48ur-ecatalyst_3850-24u-scatalyst_3850-24t-scatalyst_3850-24s-scatalyst_3850-24xu-lCisco IOS XE SoftwareCisco IOS XE Web UI
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20164
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.49% / 65.52%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20015
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.15% / 35.22%
||
7 Day CHG~0.00%
Published-23 Feb, 2023 | 00:00
Updated-28 Oct, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ucs_6454_firmwareucs_6300firepower_4150ucs_6332-16upucs_6300_firmwareucs_64108firepower_4110ucs_6248upfirepower_4125ucs_6296up_firmwareucs_64108_firmwareucs_central_softwarefirepower_9300_sm-44_x_3firepower_9300_sm-40ucs_6324ucs_6248up_firmwareucs_6332_firmwarefirepower_4120firepower_4145firepower_9300_sm-56firepower_9300_sm-56_x_3ucs_6536ucs_6332firepower_9300_sm-44firepower_4100ucs_6296upfirepower_9300_sm-24ucs_6536_firmwarefirepower_9300_sm-36ucs_6200firepower_extensible_operating_systemfirepower_9300_sm-48ucs_6324_firmwarefirepower_4112firepower_4140ucs_6454ucs_6332-16up_firmwareucs_6200_firmwarefirepower_4115Cisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20219
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.45% / 63.59%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:08
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administrator privileges to exploit this vulnerability. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device including the underlying operating system which could also affect the availability of the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Management Centerfirepower_management_center
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-20075
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.09% / 25.99%
||
7 Day CHG-0.09%
Published-16 Feb, 2023 | 15:25
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-email_security_applianceCisco Secure Email
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20021
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20153
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.19%
||
7 Day CHG-0.10%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20076
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.36% / 58.20%
||
7 Day CHG~0.00%
Published-12 Feb, 2023 | 00:00
Updated-28 Oct, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOx Application Hosting Environment Command Injection Vulnerability

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe809_industrial_integrated_services_routerir510_wpan_firmware829_industrial_integrated_services_router_firmwareic3000_industrial_compute_gatewaycgr1240807_industrial_integrated_services_router_firmware807_industrial_integrated_services_routercgr1000_firmware829_industrial_integrated_services_routerir510_wpan809_industrial_integrated_services_router_firmwarecgr1240_firmwarecgr1000ioxCisco IOS
CWE ID-CWE-233
Improper Handling of Parameters
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20007
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.38% / 59.70%
||
7 Day CHG~0.00%
Published-19 Jan, 2023 | 01:40
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must have valid administrator credentials. This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the web-based management process to restart, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv340_firmwarerv340wrv345prv345rv345_firmwarerv345p_firmwarerv340rv340w_firmwareCisco Small Business RV Series Router Firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20170
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 9.58%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:12
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20017
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 18.52%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:01
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-intersight_private_virtual_applianceCisco Intersight Virtual Appliance
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-1497
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-94.36% / 99.96%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:41
Updated-28 Oct, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Cisco HyperFlex HX Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-hyperflex_hx240c_m5hyperflex_hx220c_edge_m5hyperflex_hx240chyperflex_hx220c_af_m5hyperflex_hx220c_all_nvme_m5hyperflex_hx220c_m5hyperflex_hx_data_platformhyperflex_hx240c_af_m5Cisco HyperFlex HX Data PlatformHyperFlex HX
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1318
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.58% / 68.84%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:55
Updated-08 Nov, 2024 | 23:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv042_dual_wan_vpn_router_firmwarerv016_multi-wan_vpn_router_firmwarerv042_dual_wan_vpn_routerrv082_dual_wan_vpn_router_firmwarerv325_dual_gigabit_wan_vpn_router_firmwarerv082_dual_wan_vpn_routerrv016_multi-wan_vpn_routerrv320_dual_gigabit_wan_vpn_routerrv320_dual_gigabit_wan_vpn_router_firmwarerv042g_dual_gigabit_wan_vpn_routerrv325_dual_gigabit_wan_vpn_routerrv042g_dual_gigabit_wan_vpn_router_firmwareCisco Small Business RV Series Router Firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1138
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-11.69% / 93.70%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 20:11
Updated-12 Nov, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-smart_software_manager_satelliteCisco Smart Software Manager On-Prem
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1618
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.60% / 81.75%
||
7 Day CHG~0.00%
Published-22 Jul, 2021 | 15:20
Updated-07 Nov, 2024 | 22:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Intersight Virtual Appliance Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: Execute a command using crafted input Upload a file that has been altered using path traversal techniques A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-intersight_virtual_applianceCisco Intersight Virtual Appliance
CWE ID-CWE-36
Absolute Path Traversal
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1498
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-94.21% / 99.92%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:41
Updated-28 Oct, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Cisco HyperFlex HX Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-hyperflex_hx240c_m5hyperflex_hx220c_edge_m5hyperflex_hx240chyperflex_hx220c_af_m5hyperflex_hx220c_all_nvme_m5hyperflex_hx220c_m5hyperflex_hx_data_platformhyperflex_hx240c_af_m5Cisco HyperFlex HX Data PlatformHyperFlex HX
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1602
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.2||HIGH
EPSS-1.62% / 81.82%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 17:20
Updated-07 Nov, 2024 | 22:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Due to the nature of the vulnerability, only commands without parameters can be executed.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-small_business_rv260small_business_rv160small_business_rv260wsmall_business_rv_series_router_firmwaresmall_business_rv160wsmall_business_rv260pCisco Small Business RV Series Router Firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1315
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.58% / 68.84%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:56
Updated-08 Nov, 2024 | 23:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv042_dual_wan_vpn_router_firmwarerv016_multi-wan_vpn_router_firmwarerv042_dual_wan_vpn_routerrv082_dual_wan_vpn_router_firmwarerv325_dual_gigabit_wan_vpn_router_firmwarerv082_dual_wan_vpn_routerrv016_multi-wan_vpn_routerrv320_dual_gigabit_wan_vpn_routerrv320_dual_gigabit_wan_vpn_router_firmwarerv042g_dual_gigabit_wan_vpn_routerrv325_dual_gigabit_wan_vpn_routerrv042g_dual_gigabit_wan_vpn_router_firmwareCisco Small Business RV Series Router Firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1316
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.58% / 68.84%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:56
Updated-08 Nov, 2024 | 23:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv042_dual_wan_vpn_router_firmwarerv016_multi-wan_vpn_router_firmwarerv042_dual_wan_vpn_routerrv082_dual_wan_vpn_router_firmwarerv325_dual_gigabit_wan_vpn_router_firmwarerv082_dual_wan_vpn_routerrv016_multi-wan_vpn_routerrv320_dual_gigabit_wan_vpn_routerrv320_dual_gigabit_wan_vpn_router_firmwarerv042g_dual_gigabit_wan_vpn_routerrv325_dual_gigabit_wan_vpn_routerrv042g_dual_gigabit_wan_vpn_router_firmwareCisco Small Business RV Series Router Firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1514
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 21.82%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:50
Updated-08 Nov, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000vedge_100_firmwarevedge_100mvedge_5000_firmwarevedge_1000_firmwarevedge_5000vsmart_controllervedge_100b_firmwarevedge_100wm_firmwarevedge_2000_firmwarevedge_1000vedge_100bcatalyst_sd-wan_managervedge_cloudvedge-100b_firmwarevsmart_controller_firmwaresd-wan_vbond_orchestratorvedge-100bvedge_100m_firmwarevedge_100sd-wan_vmanagevedge_cloud_firmwarevedge_100wmCisco SD-WAN Solution
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1441
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.47%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability

A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of parameters passed to a diagnostic script that is executed when the device boots up. An attacker could exploit this vulnerability by tampering with an executable file stored on a device. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. To exploit this vulnerability, the attacker would need administrative level credentials (level 15) on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeesr6300ir1101Cisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1584
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.11% / 29.43%
||
7 Day CHG~0.00%
Published-25 Aug, 2021 | 19:10
Updated-07 Nov, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_93108tc-exnx-osnexus_9372pxnexus_9364c-gxnexus_9508nexus_93108tc-fx-24nexus_92304qcnexus_93120txnexus_92160yc-xnexus_93128txnexus_9316d-gxnexus_93108tc-ex-24nexus_9000nexus_9372tx-enexus_93108tc-fx3pnexus_93108tc-fxnexus_93360yc-fx2nexus_9396txnexus_93180yc-fx3snexus_9332cnexus_9364cnexus_92300ycnexus_92348gc-xnexus_9336c-fx2nexus_9348gc-fxpnexus_9272qnexus_93180yc-fx-24nexus_9336c-fx2-enexus_9396pxnexus_93216tc-fx2nexus_93240yc-fx2nexus_93180yc-fxnexus_9372txnexus_93180yc-exnexus_93600cd-gxnexus_9000vnexus_9372px-enexus_9236cnexus_93180yc-fx3nexus_93180yc-ex-24Cisco NX-OS System Software in ACI Mode
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1443
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.69% / 71.73%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI OS Command Injection Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are parsed from a specific configuration file. An attacker could exploit this vulnerability by tampering with a specific configuration file and then sending an API call. A successful exploit could allow the attacker to inject arbitrary code that would be executed on the underlying operating system of the affected device. To exploit this vulnerability, the attacker would need to have a privileged set of credentials to the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1557
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.07% / 21.12%
||
7 Day CHG~0.00%
Published-22 May, 2021 | 06:40
Updated-08 Nov, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco DNA Spaces Connector Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. These vulnerabilities are due to insufficient restrictions during the execution of affected CLI commands. An attacker could exploit these vulnerabilities by leveraging the insufficient restrictions during execution of these commands. A successful exploit could allow the attacker to elevate privileges from dnasadmin and execute arbitrary commands on the underlying operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-dna_spaces\Cisco DNA Spaces Connector
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1452
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.07% / 22.09%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability

A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_ie3400_heavy_duty_switchcatalyst_ie3400_rugged_switchcatalyst_ie3200_rugged_switchios_xe_rom_monitoress_3300catalyst_ie3300_rugged_switchCisco IOS XE ROMMON Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1421
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.62%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:42
Updated-08 Nov, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to a configuration command. An attacker could exploit this vulnerability by including malicious input during the execution of this command. A successful exploit could allow a non-privileged attacker authenticated in the restricted CLI to execute arbitrary commands on the underlying operating system (OS) with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_nfv_infrastructure_softwareCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1150
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.58% / 68.84%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 21:37
Updated-12 Nov, 2024 | 20:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. Cisco has not released software updates that address these vulnerabilities.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv130w_firmwareapplication_extension_platformrv130_vpn_routerrv130_vpn_router_firmwarerv215w_wireless-n_vpn_routerrv110wrv215w_wireless-n_vpn_router_firmwarerv110w_firmwarerv130wCisco Small Business RV Series Router Firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found