Vulnerabilites related to cisco - firepower_4120
cve-2020-3456
Vulnerability from cvelistv5
Published
2020-10-21 18:36
Modified
2024-11-13 17:48
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. The vulnerability is due to insufficient CSRF protections for the FCM interface. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.615Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20201021 Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3456", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:17:20.902636Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T17:48:57.327Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-10-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. The vulnerability is due to insufficient CSRF protections for the FCM interface. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-21T18:36:14", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20201021 Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ", }, ], source: { advisory: "cisco-sa-fxosfcm-csrf-uhO4e5BZ", defect: [ [ "CSCvo94700", "CSCvp75856", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-10-21T16:00:00", ID: "CVE-2020-3456", STATE: "PUBLIC", TITLE: "Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. The vulnerability is due to insufficient CSRF protections for the FCM interface. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-352", }, ], }, ], }, references: { reference_data: [ { name: "20201021 Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ", }, ], }, source: { advisory: "cisco-sa-fxosfcm-csrf-uhO4e5BZ", defect: [ [ "CSCvo94700", "CSCvp75856", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3456", datePublished: "2020-10-21T18:36:14.963320Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T17:48:57.327Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3504
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.362Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3504", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:24:18.362716Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:10:32.493Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-664", description: "CWE-664", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:13", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], source: { advisory: "cisco-sa-ucs-cli-dos-GQUxCnTe", defect: [ [ "CSCvr91760", ], ], discovery: "INTERNAL", }, title: "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3504", STATE: "PUBLIC", TITLE: "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "3.3", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-664", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], }, source: { advisory: "cisco-sa-ucs-cli-dos-GQUxCnTe", defect: [ [ "CSCvr91760", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3504", datePublished: "2020-08-27T15:40:13.292875Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:10:32.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12697
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-19 18:54
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco FireSIGHT System Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:24:39.235Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-12697", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T17:22:44.929605Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T18:54:09.036Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FireSIGHT System Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-10-02T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "CWE-693", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-02T19:06:48", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], source: { advisory: "cisco-sa-20191002-firepwr-bypass", defect: [ [ "CSCvo70545", "CSCvp66222", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-10-02T16:00:00-0700", ID: "CVE-2019-12697", STATE: "PUBLIC", TITLE: "Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FireSIGHT System Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.8", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-693", }, ], }, ], }, references: { reference_data: [ { name: "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], }, source: { advisory: "cisco-sa-20191002-firepwr-bypass", defect: [ [ "CSCvo70545", "CSCvp66222", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-12697", datePublished: "2019-10-02T19:06:48.250257Z", dateReserved: "2019-06-04T00:00:00", dateUpdated: "2024-11-19T18:54:09.036Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3172
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3172", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:25:00.721656Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:38:15.493Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:40", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], source: { advisory: "cisco-sa-20200226-fxos-nxos-cdp", defect: [ [ "CSCux07556", "CSCux58226", "CSCvr31410", "CSCvr37146", "CSCvr37148", "CSCvr37150", "CSCvr37151", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3172", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-nxos-cdp", defect: [ [ "CSCux07556", "CSCux58226", "CSCvr31410", "CSCvr37146", "CSCvr37148", "CSCvr37150", "CSCvr37151", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3172", datePublished: "2020-02-26T16:50:40.700230Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:38:15.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20866
Vulnerability from cvelistv5
Published
2022-08-10 16:20
Modified
2024-11-01 18:54
Severity ?
EPSS score ?
Summary
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:24:50.207Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220810 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20866", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-01T18:42:20.599063Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-01T18:54:32.713Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-08-10T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is aware of a public announcement of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-203", description: "CWE-203", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T16:20:19", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220810 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz", }, ], source: { advisory: "cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz", defect: [ [ "CSCwb88651", "CSCwc28334", ], ], discovery: "INTERNAL", }, title: "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-08-10T23:00:00", ID: "CVE-2022-20866", STATE: "PUBLIC", TITLE: "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is aware of a public announcement of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-203", }, ], }, ], }, references: { reference_data: [ { name: "20220810 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz", }, ], }, source: { advisory: "cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz", defect: [ [ "CSCwb88651", "CSCwc28334", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20866", datePublished: "2022-08-10T16:20:19.803227Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-01T18:54:32.713Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3169
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:37
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fpwr-cmdinj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS Software CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fpwr-cmdinj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3169", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:58.305369Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:37:39.645Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:55", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS Software CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fpwr-cmdinj", }, ], source: { advisory: "cisco-sa-20200226-fpwr-cmdinj", defect: [ [ "CSCvo42633", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software CLI Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3169", STATE: "PUBLIC", TITLE: "Cisco FXOS Software CLI Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Extensible Operating System (FXOS)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS Software CLI Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fpwr-cmdinj", }, ], }, source: { advisory: "cisco-sa-20200226-fpwr-cmdinj", defect: [ [ "CSCvo42633", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3169", datePublished: "2020-02-26T16:50:55.621127Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:37:39.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3545
Vulnerability from cvelistv5
Published
2020-09-04 02:25
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.889Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200902 Cisco FXOS Software Buffer Overflow Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3545", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:18:11.611518Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:09:11.735Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-09-02T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-04T02:25:22", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200902 Cisco FXOS Software Buffer Overflow Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt", }, ], source: { advisory: "cisco-sa-fxos-buffer-cSdmfWUt", defect: [ [ "CSCvd72523", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software Buffer Overflow Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-09-02T16:00:00", ID: "CVE-2020-3545", STATE: "PUBLIC", TITLE: "Cisco FXOS Software Buffer Overflow Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Extensible Operating System (FXOS)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.0", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200902 Cisco FXOS Software Buffer Overflow Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt", }, ], }, source: { advisory: "cisco-sa-fxos-buffer-cSdmfWUt", defect: [ [ "CSCvd72523", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3545", datePublished: "2020-09-04T02:25:22.334152Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:09:11.735Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3517
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.679Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3517", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:13:07.454503Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:09:30.343Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:48", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], source: { advisory: "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", defect: [ [ "CSCvt39630", "CSCvt46835", "CSCvt46837", "CSCvt46838", "CSCvt46839", "CSCvt46877", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3517", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], }, source: { advisory: "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", defect: [ [ "CSCvt39630", "CSCvt46835", "CSCvt46837", "CSCvt46838", "CSCvt46839", "CSCvt46877", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3517", datePublished: "2020-08-27T15:40:48.124786Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:09:30.343Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1368
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:37
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:16.857Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1368", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:20:53.434491Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:37:56.190Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-24T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-24T19:30:49", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], source: { advisory: "cisco-sa-nxos-udld-rce-xetH6w35", defect: [ [ "CSCvv78238", "CSCvv96088", "CSCvv96090", "CSCvv96092", "CSCvv96107", "CSCvw38964", "CSCvw38981", "CSCvw38982", "CSCvw38983", "CSCvw38984", "CSCvw38995", "CSCvw45654", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-02-24T16:00:00", ID: "CVE-2021-1368", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], }, source: { advisory: "cisco-sa-nxos-udld-rce-xetH6w35", defect: [ [ "CSCvv78238", "CSCvv96088", "CSCvv96090", "CSCvv96092", "CSCvv96107", "CSCvw38964", "CSCvw38981", "CSCvw38982", "CSCvw38983", "CSCvw38984", "CSCvw38995", "CSCvw45654", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1368", datePublished: "2021-02-24T19:30:49.775173Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:37:56.190Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1780
Vulnerability from cvelistv5
Published
2019-05-16 17:00
Modified
2024-11-21 19:23
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108392 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.632Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { name: "108392", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108392", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1780", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:18.043976Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:23:24.133Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T09:06:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { name: "108392", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108392", }, ], source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1780", defect: [ [ "CSCvi01431", "CSCvi01440", "CSCvi92326", "CSCvi92328", "CSCvi92329", "CSCvi92332", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1780", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.2", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { name: "108392", refsource: "BID", url: "http://www.securityfocus.com/bid/108392", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1780", defect: [ [ "CSCvi01431", "CSCvi01440", "CSCvi92326", "CSCvi92328", "CSCvi92329", "CSCvi92332", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1780", datePublished: "2019-05-16T17:00:17.177415Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:23:24.133Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3455
Vulnerability from cvelistv5
Published
2020-10-21 18:36
Modified
2024-11-13 17:48
Severity ?
EPSS score ?
Summary
A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.973Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20201021 Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3455", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:17:19.550987Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T17:48:47.807Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-10-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "CWE-693", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-21T18:36:19", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20201021 Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn", }, ], source: { advisory: "cisco-sa-fxos-sbbp-XTuPkYTn", defect: [ [ "CSCvt31171", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-10-21T16:00:00", ID: "CVE-2020-3455", STATE: "PUBLIC", TITLE: "Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Extensible Operating System (FXOS)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-693", }, ], }, ], }, references: { reference_data: [ { name: "20201021 Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn", }, ], }, source: { advisory: "cisco-sa-fxos-sbbp-XTuPkYTn", defect: [ [ "CSCvt31171", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3455", datePublished: "2020-10-21T18:36:19.422407Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T17:48:47.807Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0294
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.277Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0294", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:14.413008Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T15:02:18.535Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-20T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0294", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0294", datePublished: "2018-06-20T21:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T15:02:18.535Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1728
Vulnerability from cvelistv5
Published
2019-05-15 16:45
Modified
2024-11-20 17:22
Severity ?
EPSS score ?
Summary
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108391 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.538Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { name: "108391", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108391", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1728", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:55:04.067211Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:22:35.424Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "CWE-347", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T12:06:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { name: "108391", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108391", }, ], source: { advisory: "cisco-sa-20190515-nxos-conf-bypass", defect: [ [ "CSCvh20223", "CSCvi96577", "CSCvi96578", "CSCvi96579", "CSCvi96580", "CSCvi96583", "CSCvi96584", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1728", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { name: "108391", refsource: "BID", url: "http://www.securityfocus.com/bid/108391", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-conf-bypass", defect: [ [ "CSCvh20223", "CSCvi96577", "CSCvi96578", "CSCvi96579", "CSCvi96580", "CSCvi96583", "CSCvi96584", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1728", datePublished: "2019-05-15T16:45:23.499873Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:22:35.424Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-44228
Vulnerability from cvelistv5
Published
2021-12-10 00:00
Modified
2025-02-04 14:25
Severity ?
EPSS score ?
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Version: 2.0-beta9 < log4j-core* |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:17:24.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { name: "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { name: "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { name: "DSA-5020", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { name: "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { name: "FEDORA-2021-f0f501d01f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { name: "Microsoft’s Response to CVE-2021-44228 Apache Log4j 2", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { name: "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { name: "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { name: "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { name: "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "VU#930724", tags: [ "third-party-advisory", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { tags: [ "x_transferred", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { tags: [ "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { name: "FEDORA-2021-66d6c484f3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { tags: [ "x_transferred", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { name: "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { tags: [ "x_transferred", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { tags: [ "x_transferred", ], url: "https://github.com/cisagov/log4j-affected-db", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213189", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { tags: [ "x_transferred", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { name: "20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-44228", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T14:25:34.416117Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-12-10", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-44228", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T14:25:37.215Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Apache Log4j2", vendor: "Apache Software Foundation", versions: [ { changes: [ { at: "2.3.1", status: "unaffected", }, { at: "2.4", status: "affected", }, { at: "2.12.2", status: "unaffected", }, { at: "2.13.0", status: "affected", }, { at: "2.15.0", status: "unaffected", }, ], lessThan: "log4j-core*", status: "affected", version: "2.0-beta9", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team.", }, ], descriptions: [ { lang: "en", value: "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.", }, ], metrics: [ { other: { content: { other: "critical", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-03T00:00:00.000Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://logging.apache.org/log4j/2.x/security.html", }, { name: "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { name: "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { name: "DSA-5020", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { name: "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { name: "FEDORA-2021-f0f501d01f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { name: "Microsoft’s Response to CVE-2021-44228 Apache Log4j 2", tags: [ "vendor-advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { name: "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { name: "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { name: "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { name: "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "VU#930724", tags: [ "third-party-advisory", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { name: "FEDORA-2021-66d6c484f3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { name: "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { url: "https://github.com/cisagov/log4j-affected-db", }, { url: "https://support.apple.com/kb/HT213189", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { name: "20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-44228", datePublished: "2021-12-10T00:00:00.000Z", dateReserved: "2021-11-26T00:00:00.000Z", dateUpdated: "2025-02-04T14:25:37.215Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1734
Vulnerability from cvelistv5
Published
2019-11-05 19:15
Modified
2024-11-21 19:06
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 6.2(7) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1734", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:55:53.041640Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:06:05.831Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "6.2(7)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-05T19:15:35", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], source: { advisory: "cisco-sa-20190515-nxos-fxos-info", defect: [ [ "CSCvj59436", "CSCvk50808", "CSCvk50810", "CSCvk50814", "CSCvk50816", "CSCvk50838", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1734", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "6.2(7)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.5", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-fxos-info", defect: [ [ "CSCvj59436", "CSCvk50808", "CSCvk50810", "CSCvk50814", "CSCvk50816", "CSCvk50838", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1734", datePublished: "2019-11-05T19:15:35.896970Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:06:05.831Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0302
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:59
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS Software and UCS Fabric Interconnect unknown |
Version: Cisco FXOS Software and UCS Fabric Interconnect unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.577Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0302", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:08.635541Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:59:13.685Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS Software and UCS Fabric Interconnect unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-21T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0302", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS Software and UCS Fabric Interconnect unknown", version: { version_data: [ { version_value: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0302", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:59:13.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3120
Vulnerability from cvelistv5
Published
2020-02-05 17:50
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Version: unspecified < 2.3.1.173 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.647Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3120", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:29:31.395421Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:42:14.893Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS XR Software", vendor: "Cisco", versions: [ { lessThan: "2.3.1.173", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-05T18:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], source: { advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos", defect: [ [ "CSCvr14976", "CSCvr15024", "CSCvr15072", "CSCvr15073", "CSCvr15078", "CSCvr15079", "CSCvr15082", "CSCvr15083", "CSCvr15111", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-05T16:00:00-0800", ID: "CVE-2020-3120", STATE: "PUBLIC", TITLE: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS XR Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "2.3.1.173", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, ], }, references: { reference_data: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { name: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], }, source: { advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos", defect: [ [ "CSCvr14976", "CSCvr15024", "CSCvr15072", "CSCvr15073", "CSCvr15078", "CSCvr15079", "CSCvr15082", "CSCvr15083", "CSCvr15111", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3120", datePublished: "2020-02-05T17:50:18.427416Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:42:14.893Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20829
Vulnerability from cvelistv5
Published
2022-06-24 15:25
Modified
2024-11-01 19:01
Severity ?
EPSS score ?
Summary
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm | vendor-advisory, x_refsource_CISCO | |
| https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/ | x_refsource_MISC | |
| https://github.com/jbaines-r7/theway | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:24:49.930Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220622 Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/jbaines-r7/theway", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20829", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-01T18:42:49.142935Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-01T19:01:05.229Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-06-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "CWE-345", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-16T16:45:43", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220622 Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm", }, { tags: [ "x_refsource_MISC", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/jbaines-r7/theway", }, ], source: { advisory: "cisco-sa-asa-asdm-sig-NPKvwDjm", defect: [ [ "CSCwb05264", "CSCwb05291", ], ], discovery: "INTERNAL", }, title: "Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-06-22T16:00:00", ID: "CVE-2022-20829", STATE: "PUBLIC", TITLE: "Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "9.1", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-345", }, ], }, ], }, references: { reference_data: [ { name: "20220622 Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm", }, { name: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", refsource: "MISC", url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { name: "https://github.com/jbaines-r7/theway", refsource: "MISC", url: "https://github.com/jbaines-r7/theway", }, ], }, source: { advisory: "cisco-sa-asa-asdm-sig-NPKvwDjm", defect: [ [ "CSCwb05264", "CSCwb05291", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20829", datePublished: "2022-06-24T15:25:10.668661Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-01T19:01:05.229Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20751
Vulnerability from cvelistv5
Published
2022-05-03 03:15
Modified
2024-11-06 16:20
Severity ?
EPSS score ?
Summary
A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:24:49.350Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220427 Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20751", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-06T16:01:36.401192Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T16:20:47.088Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Threat Defense Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-04-27T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-03T03:15:28", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220427 Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM", }, ], source: { advisory: "cisco-sa-ftd-snort-dos-hd2hFgM", defect: [ [ "CSCvu41615", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-04-27T16:00:00", ID: "CVE-2022-20751", STATE: "PUBLIC", TITLE: "Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Threat Defense Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-770", }, ], }, ], }, references: { reference_data: [ { name: "20220427 Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM", }, ], }, source: { advisory: "cisco-sa-ftd-snort-dos-hd2hFgM", defect: [ [ "CSCvu41615", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20751", datePublished: "2022-05-03T03:15:28.395288Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-06T16:20:47.088Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1795
Vulnerability from cvelistv5
Published
2019-05-15 20:15
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108479 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.777Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { name: "108479", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108479", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1795", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:37.609624Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:05.520Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-28T16:06:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { name: "108479", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108479", }, ], source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1795", defect: [ [ "CSCvh20029", "CSCvh20359", "CSCvh66202", "CSCvh66214", "CSCvh66219", "CSCvh66243", "CSCvh66257", "CSCvh66259", "CSCvk30761", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1795", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { name: "108479", refsource: "BID", url: "http://www.securityfocus.com/bid/108479", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1795", defect: [ [ "CSCvh20029", "CSCvh20359", "CSCvh66202", "CSCvh66214", "CSCvh66219", "CSCvh66243", "CSCvh66257", "CSCvh66259", "CSCvk30761", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1795", datePublished: "2019-05-15T20:15:17.287630Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:05.520Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20016
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-10-25 16:04
Severity ?
EPSS score ?
Summary
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.614Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20016", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:36:41.126540Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:04:01.210Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed) ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-02-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-321", description: "CWE-321", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, ], source: { advisory: "cisco-sa-ucsm-bkpsky-H8FCQgsA", defect: [ [ "CSCvm53827", "CSCwc01592", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20016", datePublished: "2023-02-23T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:04:01.210Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3167
Vulnerability from cvelistv5
Published
2020-02-26 16:51
Modified
2024-11-15 17:37
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3167", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:56.860837Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:37:18.211Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:51:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], source: { advisory: "cisco-sa-20200226-fxos-ucs-cmdinj", defect: [ [ "CSCvo42628", "CSCvo42636", "CSCvp44264", "CSCvp44281", "CSCvr49734", "CSCvr58699", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3167", STATE: "PUBLIC", TITLE: "Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-ucs-cmdinj", defect: [ [ "CSCvo42628", "CSCvo42636", "CSCvp44264", "CSCvp44281", "CSCvr49734", "CSCvr58699", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3167", datePublished: "2020-02-26T16:51:05.960558Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:37:18.211Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34714
Vulnerability from cvelistv5
Published
2021-09-23 02:25
Modified
2024-11-07 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:19:48.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-34714", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T21:40:36.961651Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T21:59:09.403Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-09-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-23T02:25:58", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], source: { advisory: "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", defect: [ [ "CSCvw22670", "CSCvw26126", "CSCvw26127", "CSCvw26129", "CSCvw26130", "CSCvw26152", "CSCvw46194", "CSCvw46239", ], ], discovery: "INTERNAL", }, title: "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-09-22T16:00:00", ID: "CVE-2021-34714", STATE: "PUBLIC", TITLE: "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], }, source: { advisory: "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", defect: [ [ "CSCvw22670", "CSCvw26126", "CSCvw26127", "CSCvw26129", "CSCvw26130", "CSCvw26152", "CSCvw46194", "CSCvw46239", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-34714", datePublished: "2021-09-23T02:25:58.322621Z", dateReserved: "2021-06-15T00:00:00", dateUpdated: "2024-11-07T21:59:09.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1690
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107317 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Version: unspecified < 4.2(0.21c) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:41.061Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "107317", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1690", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:59:59.996279Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:42:40.791Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Application Policy Infrastructure Controller (APIC)", vendor: "Cisco", versions: [ { lessThan: "4.2(0.21c)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-03-06T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-12T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "107317", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], source: { advisory: "cisco-sa-20190306-apic-ipv6", defect: [ [ "CSCvn09855", ], ], discovery: "INTERNAL", }, title: "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-03-06T16:00:00-0800", ID: "CVE-2019-1690", STATE: "PUBLIC", TITLE: "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Application Policy Infrastructure Controller (APIC)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "4.2(0.21c)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.3", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "107317", refsource: "BID", url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], }, source: { advisory: "cisco-sa-20190306-apic-ipv6", defect: [ [ "CSCvn09855", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1690", datePublished: "2019-03-11T22:00:00Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:42:40.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20015
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-10-28 16:33
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.589Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230223 Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20015", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:19:24.685336Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-28T16:33:53.572Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed) ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-02-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230223 Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, ], source: { advisory: "cisco-sa-nxfp-cmdinj-XXBZjtR", defect: [ [ "CSCwc52151", "CSCwd11206", "CSCwd11228", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20015", datePublished: "2023-02-23T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-28T16:33:53.572Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0240
Vulnerability from cvelistv5
Published
2018-04-19 20:00
Modified
2024-11-29 15:17
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1040722 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/103934 | vdb-entry, x_refsource_BID | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Adaptive Security Appliance |
Version: Cisco Adaptive Security Appliance |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:14.947Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect", }, { name: "1040722", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040722", }, { name: "103934", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103934", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0240", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:44:25.368518Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T15:17:08.486Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance", vendor: "n/a", versions: [ { status: "affected", version: "Cisco Adaptive Security Appliance", }, ], }, ], datePublic: "2018-04-19T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-05T17:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect", }, { name: "1040722", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040722", }, { name: "103934", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103934", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0240", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance", version: { version_data: [ { version_value: "Cisco Adaptive Security Appliance", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect", }, { name: "1040722", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040722", }, { name: "103934", refsource: "BID", url: "http://www.securityfocus.com/bid/103934", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0240", datePublished: "2018-04-19T20:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T15:17:08.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1779
Vulnerability from cvelistv5
Published
2019-05-15 19:40
Modified
2024-11-21 19:26
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108394 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { name: "108394", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108394", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1779", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:34.645310Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:26:22.386Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T17:06:03", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { name: "108394", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108394", }, ], source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1779", defect: [ [ "CSCve51688", "CSCvh76126", "CSCvj00412", "CSCvj00416", "CSCvj00418", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1779", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.2", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { name: "108394", refsource: "BID", url: "http://www.securityfocus.com/bid/108394", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1779", defect: [ [ "CSCve51688", "CSCvh76126", "CSCvj00412", "CSCvj00416", "CSCvj00418", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1779", datePublished: "2019-05-15T19:40:16.540228Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:26:22.386Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0303
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:58
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.585Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0303", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:07.087359Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:58:54.149Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0303", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0303", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:58:54.149Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1649
Vulnerability from cvelistv5
Published
2019-05-13 19:10
Modified
2024-11-20 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | vendor-advisory, x_refsource_CISCO | |
| https://www.kb.cert.org/vuls/id/400865 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/108350 | vdb-entry, x_refsource_BID | |
| https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Routers |
Version: unspecified < 16.12.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:20:28.350Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190513 Cisco Secure Boot Hardware Tampering Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { name: "VU#400865", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { name: "108350", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108350", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1649", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:55:08.575056Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:23:01.830Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Routers", vendor: "Cisco", versions: [ { lessThan: "16.12.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-13T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.", }, ], exploits: [ { lang: "en", value: "This vulnerability was publicly disclosed by Red Balloon Security on May 13, 2019.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-26T02:22:29", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190513 Cisco Secure Boot Hardware Tampering Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { name: "VU#400865", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { name: "108350", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108350", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], source: { advisory: "cisco-sa-20190513-secureboot", defect: [ [ "CSCvn77141", "CSCvn77142", "CSCvn77143", "CSCvn77147", "CSCvn77150", "CSCvn77151", "CSCvn77152", "CSCvn77153", "CSCvn77154", "CSCvn77155", "CSCvn77156", "CSCvn77158", "CSCvn77159", "CSCvn77160", "CSCvn77162", "CSCvn77166", "CSCvn77167", "CSCvn77168", "CSCvn77169", "CSCvn77170", "CSCvn77171", "CSCvn77172", "CSCvn77175", "CSCvn77178", "CSCvn77180", "CSCvn77181", "CSCvn77182", "CSCvn77183", "CSCvn77184", "CSCvn77185", "CSCvn77191", "CSCvn77201", "CSCvn77202", "CSCvn77205", "CSCvn77207", "CSCvn77209", "CSCvn77212", "CSCvn77219", "CSCvn77220", "CSCvn77222", "CSCvn77245", "CSCvn77246", "CSCvn77248", "CSCvn77249", "CSCvn89137", "CSCvn89138", "CSCvn89140", "CSCvn89143", "CSCvn89144", "CSCvn89145", "CSCvn89146", "CSCvn89150", "CSCvp42792", ], ], discovery: "INTERNAL", }, title: "Cisco Secure Boot Hardware Tampering Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-13T17:30:00-0700", ID: "CVE-2019-1649", STATE: "PUBLIC", TITLE: "Cisco Secure Boot Hardware Tampering Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Routers", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "16.12.1", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.", }, ], }, exploit: [ { lang: "en", value: "This vulnerability was publicly disclosed by Red Balloon Security on May 13, 2019.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "20190513 Cisco Secure Boot Hardware Tampering Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { name: "VU#400865", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/400865", }, { name: "108350", refsource: "BID", url: "http://www.securityfocus.com/bid/108350", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], }, source: { advisory: "cisco-sa-20190513-secureboot", defect: [ [ "CSCvn77141", "CSCvn77142", "CSCvn77143", "CSCvn77147", "CSCvn77150", "CSCvn77151", "CSCvn77152", "CSCvn77153", "CSCvn77154", "CSCvn77155", "CSCvn77156", "CSCvn77158", "CSCvn77159", "CSCvn77160", "CSCvn77162", "CSCvn77166", "CSCvn77167", "CSCvn77168", "CSCvn77169", "CSCvn77170", "CSCvn77171", "CSCvn77172", "CSCvn77175", "CSCvn77178", "CSCvn77180", "CSCvn77181", "CSCvn77182", "CSCvn77183", "CSCvn77184", "CSCvn77185", "CSCvn77191", "CSCvn77201", "CSCvn77202", "CSCvn77205", "CSCvn77207", "CSCvn77209", "CSCvn77212", "CSCvn77219", "CSCvn77220", "CSCvn77222", "CSCvn77245", "CSCvn77246", "CSCvn77248", "CSCvn77249", "CSCvn89137", "CSCvn89138", "CSCvn89140", "CSCvn89143", "CSCvn89144", "CSCvn89145", "CSCvn89146", "CSCvn89150", "CSCvp42792", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1649", datePublished: "2019-05-13T19:10:14.147871Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:23:01.830Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3459
Vulnerability from cvelistv5
Published
2020-10-21 18:35
Modified
2024-11-13 17:49
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.127Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20201021 Cisco FXOS Software for Firepower 4100/9300 Series Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3459", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:17:25.426580Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T17:49:25.983Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-10-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-21T18:35:59", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20201021 Cisco FXOS Software for Firepower 4100/9300 Series Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm", }, ], source: { advisory: "cisco-sa-fxos-cmdinj-b63rwKPm", defect: [ [ "CSCvt65399", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software for Firepower 4100/9300 Series Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-10-21T16:00:00", ID: "CVE-2020-3459", STATE: "PUBLIC", TITLE: "Cisco FXOS Software for Firepower 4100/9300 Series Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Extensible Operating System (FXOS)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20201021 Cisco FXOS Software for Firepower 4100/9300 Series Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm", }, ], }, source: { advisory: "cisco-sa-fxos-cmdinj-b63rwKPm", defect: [ [ "CSCvt65399", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3459", datePublished: "2020-10-21T18:35:59.759359Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T17:49:25.983Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20795
Vulnerability from cvelistv5
Published
2022-04-21 18:50
Modified
2024-11-06 16:22
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:24:49.655Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20795", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-06T16:01:40.319401Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T16:22:08.505Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-04-20T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "CWE-345", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-21T18:50:50", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV", }, ], source: { advisory: "cisco-sa-vpndtls-dos-TunzLEV", defect: [ [ "CSCvz09106", ], ], discovery: "INTERNAL", }, title: "Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-04-20T16:00:00", ID: "CVE-2022-20795", STATE: "PUBLIC", TITLE: "Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.", }, ], impact: { cvss: { baseScore: "5.8", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-345", }, ], }, ], }, references: { reference_data: [ { name: "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV", }, ], }, source: { advisory: "cisco-sa-vpndtls-dos-TunzLEV", defect: [ [ "CSCvz09106", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20795", datePublished: "2022-04-21T18:50:51.145597Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-06T16:22:08.505Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1963
Vulnerability from cvelistv5
Published
2019-08-28 18:50
Modified
2024-11-21 19:15
Severity ?
EPSS score ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < 8.4(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:35:51.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1963", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:57:11.615078Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:15:22.318Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { lessThan: "8.4(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-08-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-28T18:50:15", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos", }, ], source: { advisory: "cisco-sa-20190828-fxnxos-snmp-dos", defect: [ [ "CSCvn13270", "CSCvn23529", "CSCvn23531", "CSCvn23532", "CSCvn23534", "CSCvn23535", "CSCvn23536", "CSCvn23537", "CSCvn23538", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-08-28T16:00:00-0700", ID: "CVE-2019-1963", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.4(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.7", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos", }, ], }, source: { advisory: "cisco-sa-20190828-fxnxos-snmp-dos", defect: [ [ "CSCvn13270", "CSCvn23529", "CSCvn23531", "CSCvn23532", "CSCvn23534", "CSCvn23535", "CSCvn23536", "CSCvn23537", "CSCvn23538", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1963", datePublished: "2019-08-28T18:50:15.502235Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:15:22.318Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0331
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS, NX-OS, and UCS Manager unknown |
Version: Cisco FXOS, NX-OS, and UCS Manager unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:14.780Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0331", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:37:35.507766Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:57:02.830Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS, NX-OS, and UCS Manager unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS, NX-OS, and UCS Manager unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0331", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS, NX-OS, and UCS Manager unknown", version: { version_data: [ { version_value: "Cisco FXOS, NX-OS, and UCS Manager unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0331", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:57:02.830Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12674
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-20 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:24:39.185Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-12674", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:51:38.594400Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:08:58.524Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Threat Defense Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-10-02T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-216", description: "CWE-216", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-02T19:06:38", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], source: { advisory: "cisco-sa-20191002-ftd-container-esc", defect: [ [ "CSCvm14296", "CSCvo83194", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-10-02T16:00:00-0700", ID: "CVE-2019-12674", STATE: "PUBLIC", TITLE: "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Threat Defense Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "8.2", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-216", }, ], }, ], }, references: { reference_data: [ { name: "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], }, source: { advisory: "cisco-sa-20191002-ftd-container-esc", defect: [ [ "CSCvm14296", "CSCvo83194", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-12674", datePublished: "2019-10-02T19:06:38.169044Z", dateReserved: "2019-06-04T00:00:00", dateUpdated: "2024-11-20T17:08:58.524Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1448
Vulnerability from cvelistv5
Published
2021-04-29 17:30
Modified
2024-11-08 23:24
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.353Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210428 Cisco Firepower Threat Defense Software Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1448", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:18:37.949107Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:24:30.811Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Threat Defense Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-04-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-29T17:30:33", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210428 Cisco Firepower Threat Defense Software Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT", }, ], source: { advisory: "cisco-sa-ftd-cmdinj-vWY5wqZT", defect: [ [ "CSCvt74832", "CSCvv78677", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower Threat Defense Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-04-28T16:00:00", ID: "CVE-2021-1448", STATE: "PUBLIC", TITLE: "Cisco Firepower Threat Defense Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Threat Defense Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20210428 Cisco Firepower Threat Defense Software Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT", }, ], }, source: { advisory: "cisco-sa-ftd-cmdinj-vWY5wqZT", defect: [ [ "CSCvt74832", "CSCvv78677", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1448", datePublished: "2021-04-29T17:30:33.849115Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:24:30.811Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3166
Vulnerability from cvelistv5
Published
2020-02-26 16:51
Modified
2024-11-15 17:37
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.654Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3166", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:29:15.961494Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:37:05.421Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:51:11", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file", }, ], source: { advisory: "cisco-sa-20200226-fxos-cli-file", defect: [ [ "CSCvo42637", "CSCvr09748", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3166", STATE: "PUBLIC", TITLE: "Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Extensible Operating System (FXOS)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.2", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-cli-file", defect: [ [ "CSCvo42637", "CSCvr09748", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3166", datePublished: "2020-02-26T16:51:11.143878Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:37:05.421Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3171
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.702Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3171", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:59.539855Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:38:05.029Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:46", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], source: { advisory: "cisco-sa-20200226-fxos-ucs-cli-cmdinj", defect: [ [ "CSCvo42634", "CSCvo42654", "CSCvp44202", "CSCvp44232", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3171", STATE: "PUBLIC", TITLE: "Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-ucs-cli-cmdinj", defect: [ [ "CSCvo42634", "CSCvo42654", "CSCvp44202", "CSCvp44232", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3171", datePublished: "2020-02-26T16:50:46.086693Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:38:05.029Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3457
Vulnerability from cvelistv5
Published
2020-10-21 18:36
Modified
2024-11-13 17:49
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.092Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20201021 Cisco FXOS Software Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3457", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:17:22.294952Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T17:49:07.352Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-10-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-21T18:36:09", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20201021 Cisco FXOS Software Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr", }, ], source: { advisory: "cisco-sa-fxos-cmdinj-pqZvmXCr", defect: [ [ "CSCvt69369", "CSCvt74037", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-10-21T16:00:00", ID: "CVE-2020-3457", STATE: "PUBLIC", TITLE: "Cisco FXOS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20201021 Cisco FXOS Software Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr", }, ], }, source: { advisory: "cisco-sa-fxos-cmdinj-pqZvmXCr", defect: [ [ "CSCvt69369", "CSCvt74037", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3457", datePublished: "2020-10-21T18:36:10.064433Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T17:49:07.352Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1782
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.805Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108407", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1782", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:46.135024Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:56.298Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T13:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108407", }, ], source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1782", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", refsource: "BID", url: "http://www.securityfocus.com/bid/108407", }, ], }, source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1782", datePublished: "2019-05-15T19:45:19.350442Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:56.298Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20828
Vulnerability from cvelistv5
Published
2022-06-24 15:25
Modified
2024-11-01 19:00
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco FirePOWER Services Software for ASA |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:24:50.067Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220622 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20828", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-01T18:42:47.498802Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-01T19:00:55.956Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FirePOWER Services Software for ASA", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-06-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-236", description: "CWE-236", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-05T16:06:12", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220622 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG", }, { tags: [ "x_refsource_MISC", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html", }, ], source: { advisory: "cisco-sa-asasfr-cmd-inject-PE4GfdG", defect: [ [ "CSCwb32418", ], ], discovery: "INTERNAL", }, title: "Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-06-22T23:00:00", ID: "CVE-2022-20828", STATE: "PUBLIC", TITLE: "Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FirePOWER Services Software for ASA", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.5", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-236", }, ], }, ], }, references: { reference_data: [ { name: "20220622 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG", }, { name: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", refsource: "MISC", url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { name: "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html", }, ], }, source: { advisory: "cisco-sa-asasfr-cmd-inject-PE4GfdG", defect: [ [ "CSCwb32418", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20828", datePublished: "2022-06-24T15:25:16.277268Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-01T19:00:55.956Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0311
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.129Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0311", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:43:38.619660Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:57:32.415Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0311", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0311", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:57:32.415Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0310
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.282Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0310", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:45:33.591091Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:57:46.193Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0310", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0310", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:57:46.193Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1858
Vulnerability from cvelistv5
Published
2019-05-16 01:20
Modified
2024-11-19 19:07
Severity ?
EPSS score ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108358 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.870Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos", }, { name: "108358", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108358", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1858", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T17:24:11.424585Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T19:07:01.018Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-17T07:06:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos", }, { name: "108358", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108358", }, ], source: { advisory: "cisco-sa-20190515-nxos-snmp-dos", defect: [ [ "CSCvc58707", "CSCvd45657", "CSCvn19457", "CSCvn19463", "CSCvn19464", "CSCvn19465", "CSCvn19468", "CSCvn19483", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1858", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Extensible Operating System (FXOS)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos", }, { name: "108358", refsource: "BID", url: "http://www.securityfocus.com/bid/108358", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-snmp-dos", defect: [ [ "CSCvc58707", "CSCvd45657", "CSCvn19457", "CSCvn19463", "CSCvn19464", "CSCvn19465", "CSCvn19468", "CSCvn19483", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1858", datePublished: "2019-05-16T01:20:22.764484Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-19T19:07:01.018Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20625
Vulnerability from cvelistv5
Published
2022-02-23 17:40
Modified
2024-11-06 16:29
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:17:52.933Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220223 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20625", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-06T15:59:11.678425Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T16:29:50.135Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-02-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-23T17:40:15", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220223 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], source: { advisory: "cisco-sa-cdp-dos-G8DPLWYG", defect: [ [ "CSCvz72442", "CSCvz72462", "CSCvz72463", "CSCvz72464", "CSCvz72465", "CSCvz72466", "CSCvz72467", "CSCvz74433", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-02-23T16:00:00", ID: "CVE-2022-20625", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.3", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "20220223 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], }, source: { advisory: "cisco-sa-cdp-dos-G8DPLWYG", defect: [ [ "CSCvz72442", "CSCvz72462", "CSCvz72463", "CSCvz72464", "CSCvz72465", "CSCvz72466", "CSCvz72467", "CSCvz74433", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20625", datePublished: "2022-02-23T17:40:15.926880Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-06T16:29:50.135Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3571
Vulnerability from cvelistv5
Published
2020-10-21 18:40
Modified
2024-11-13 17:46
Severity ?
EPSS score ?
Summary
A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:55.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20201021 Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3571", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:12:16.266699Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T17:46:50.965Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Threat Defense Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-10-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-21T18:40:47", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20201021 Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM", }, ], source: { advisory: "cisco-sa-ftd-icmp-dos-hxxcycM", defect: [ [ "CSCvt09940", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-10-21T16:00:00", ID: "CVE-2020-3571", STATE: "PUBLIC", TITLE: "Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Threat Defense Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400", }, ], }, ], }, references: { reference_data: [ { name: "20201021 Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM", }, ], }, source: { advisory: "cisco-sa-ftd-icmp-dos-hxxcycM", defect: [ [ "CSCvt09940", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3571", datePublished: "2020-10-21T18:40:48.022255Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T17:46:50.965Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12675
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-20 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:24:39.211Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-12675", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:51:36.927165Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:08:49.643Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Threat Defense Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-10-02T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-216", description: "CWE-216", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-02T19:06:38", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], source: { advisory: "cisco-sa-20191002-ftd-container-esc", defect: [ [ "CSCvm14296", "CSCvo83194", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-10-02T16:00:00-0700", ID: "CVE-2019-12675", STATE: "PUBLIC", TITLE: "Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Threat Defense Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "8.2", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-216", }, ], }, ], }, references: { reference_data: [ { name: "20191002 Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], }, source: { advisory: "cisco-sa-20191002-ftd-container-esc", defect: [ [ "CSCvm14296", "CSCvo83194", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-12675", datePublished: "2019-10-02T19:06:38.596452Z", dateReserved: "2019-06-04T00:00:00", dateUpdated: "2024-11-20T17:08:49.643Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20865
Vulnerability from cvelistv5
Published
2022-08-25 18:40
Modified
2024-11-06 16:07
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:24:50.182Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220824 Cisco FXOS Software Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20865", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-06T16:00:03.561463Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T16:07:46.975Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-08-24T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-25T18:40:16", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220824 Cisco FXOS Software Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH", }, ], source: { advisory: "cisco-sa-fxos-cmdinj-TxcLNZNH", defect: [ [ "CSCwc38361", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-08-24T16:00:00", ID: "CVE-2022-20865", STATE: "PUBLIC", TITLE: "Cisco FXOS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Extensible Operating System (FXOS)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20220824 Cisco FXOS Software Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH", }, ], }, source: { advisory: "cisco-sa-fxos-cmdinj-TxcLNZNH", defect: [ [ "CSCwc38361", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20865", datePublished: "2022-08-25T18:40:16.485342Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-06T16:07:46.975Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1781
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.734Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108407", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1781", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:44.395123Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:46.849Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T13:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108407", }, ], source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1781", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", refsource: "BID", url: "http://www.securityfocus.com/bid/108407", }, ], }, source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1781", datePublished: "2019-05-15T19:45:27.562921Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:46.849Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12696
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-19 18:54
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco FireSIGHT System Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:24:39.212Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-12696", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T17:22:46.375774Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T18:54:19.560Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FireSIGHT System Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-10-02T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "CWE-693", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-02T19:06:47", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], source: { advisory: "cisco-sa-20191002-firepwr-bypass", defect: [ [ "CSCvo70545", "CSCvp66222", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-10-02T16:00:00-0700", ID: "CVE-2019-12696", STATE: "PUBLIC", TITLE: "Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FireSIGHT System Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.8", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-693", }, ], }, ], }, references: { reference_data: [ { name: "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], }, source: { advisory: "cisco-sa-20191002-firepwr-bypass", defect: [ [ "CSCvo70545", "CSCvp66222", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-12696", datePublished: "2019-10-02T19:06:47.817589Z", dateReserved: "2019-06-04T00:00:00", dateUpdated: "2024-11-19T18:54:19.560Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0298
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 15:00
Severity ?
EPSS score ?
Summary
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS Software and UCS Fabric Interconnect unknown |
Version: Cisco FXOS Software and UCS Fabric Interconnect unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:14.834Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0298", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:43:41.574159Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T15:00:01.619Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS Software and UCS Fabric Interconnect unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-21T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0298", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS Software and UCS Fabric Interconnect unknown", version: { version_data: [ { version_value: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0298", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T15:00:01.619Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0300
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:59
Severity ?
EPSS score ?
Summary
A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges. Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit. Cisco Bug IDs: CSCvc21901.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance unknown |
Version: Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.517Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0300", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:10.223734Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:59:29.449Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges. Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit. Cisco Bug IDs: CSCvc21901.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0300", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance unknown", version: { version_data: [ { version_value: "Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges. Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit. Cisco Bug IDs: CSCvc21901.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0300", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:59:29.449Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20234
Vulnerability from cvelistv5
Published
2023-08-23 18:21
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.
The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: 9.8.2 Version: 9.8.2.8 Version: 9.8.2.14 Version: 9.8.2.15 Version: 9.8.2.17 Version: 9.8.2.20 Version: 9.8.2.24 Version: 9.8.2.26 Version: 9.8.2.28 Version: 9.8.2.33 Version: 9.8.2.35 Version: 9.8.2.38 Version: 9.8.3.8 Version: 9.8.3.11 Version: 9.8.3.14 Version: 9.8.3.16 Version: 9.8.3.18 Version: 9.8.3.21 Version: 9.8.3 Version: 9.8.3.26 Version: 9.8.3.29 Version: 9.8.4 Version: 9.8.4.3 Version: 9.8.4.7 Version: 9.8.4.8 Version: 9.8.4.10 Version: 9.8.4.12 Version: 9.8.4.15 Version: 9.8.4.17 Version: 9.8.4.25 Version: 9.8.4.20 Version: 9.8.4.22 Version: 9.8.4.26 Version: 9.8.4.29 Version: 9.8.4.32 Version: 9.8.4.34 Version: 9.8.4.35 Version: 9.8.4.39 Version: 9.8.4.40 Version: 9.8.4.41 Version: 9.8.4.43 Version: 9.8.4.44 Version: 9.8.4.45 Version: 9.8.4.46 Version: 9.8.4.48 Version: 9.12.1 Version: 9.12.1.2 Version: 9.12.1.3 Version: 9.12.2 Version: 9.12.2.5 Version: 9.12.2.9 Version: 9.12.3 Version: 9.12.3.2 Version: 9.12.3.7 Version: 9.12.4 Version: 9.12.3.12 Version: 9.12.3.9 Version: 9.12.2.1 Version: 9.12.4.2 Version: 9.12.4.4 Version: 9.12.4.7 Version: 9.12.4.10 Version: 9.12.4.13 Version: 9.12.4.8 Version: 9.12.4.18 Version: 9.12.4.24 Version: 9.12.4.26 Version: 9.12.4.29 Version: 9.12.4.30 Version: 9.12.4.35 Version: 9.12.4.37 Version: 9.12.4.38 Version: 9.12.4.39 Version: 9.12.4.40 Version: 9.12.4.41 Version: 9.12.4.47 Version: 9.12.4.48 Version: 9.12.4.50 Version: 9.12.4.52 Version: 9.12.4.54 Version: 9.12.4.55 Version: 9.12.4.56 Version: 9.14.1 Version: 9.14.1.10 Version: 9.14.1.15 Version: 9.14.1.19 Version: 9.14.1.30 Version: 9.14.2 Version: 9.14.2.4 Version: 9.14.2.8 Version: 9.14.2.13 Version: 9.14.2.15 Version: 9.14.3 Version: 9.14.3.1 Version: 9.14.3.9 Version: 9.14.3.11 Version: 9.14.3.13 Version: 9.14.3.18 Version: 9.14.3.15 Version: 9.14.4 Version: 9.14.4.6 Version: 9.14.4.7 Version: 9.14.4.12 Version: 9.14.4.13 Version: 9.14.4.14 Version: 9.14.4.15 Version: 9.14.4.17 Version: 9.14.4.22 Version: 9.15.1 Version: 9.15.1.7 Version: 9.15.1.10 Version: 9.15.1.15 Version: 9.15.1.16 Version: 9.15.1.17 Version: 9.15.1.1 Version: 9.15.1.21 Version: 9.16.1 Version: 9.16.1.28 Version: 9.16.2 Version: 9.16.2.3 Version: 9.16.2.7 Version: 9.16.2.11 Version: 9.16.2.13 Version: 9.16.2.14 Version: 9.16.3 Version: 9.16.3.3 Version: 9.16.3.14 Version: 9.16.3.15 Version: 9.16.3.19 Version: 9.16.3.23 Version: 9.16.4 Version: 9.16.4.9 Version: 9.17.1 Version: 9.17.1.7 Version: 9.17.1.9 Version: 9.17.1.10 Version: 9.17.1.11 Version: 9.17.1.13 Version: 9.17.1.15 Version: 9.17.1.20 Version: 9.18.1 Version: 9.18.1.3 Version: 9.18.2 Version: 9.18.2.5 Version: 9.18.2.7 Version: 9.18.2.8 Version: 9.19.1 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:35.918Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-fxos-arbitrary-file-BLk6YupL", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { status: "affected", version: "9.8.2", }, { status: "affected", version: "9.8.2.8", }, { status: "affected", version: "9.8.2.14", }, { status: "affected", version: "9.8.2.15", }, { status: "affected", version: "9.8.2.17", }, { status: "affected", version: "9.8.2.20", }, { status: "affected", version: "9.8.2.24", }, { status: "affected", version: "9.8.2.26", }, { status: "affected", version: "9.8.2.28", }, { status: "affected", version: "9.8.2.33", }, { status: "affected", version: "9.8.2.35", }, { status: "affected", version: "9.8.2.38", }, { status: "affected", version: "9.8.3.8", }, { status: "affected", version: "9.8.3.11", }, { status: "affected", version: "9.8.3.14", }, { status: "affected", version: "9.8.3.16", }, { status: "affected", version: "9.8.3.18", }, { status: "affected", version: "9.8.3.21", }, { status: "affected", version: "9.8.3", }, { status: "affected", version: "9.8.3.26", }, { status: "affected", version: "9.8.3.29", }, { status: "affected", version: "9.8.4", }, { status: "affected", version: "9.8.4.3", }, { status: "affected", version: "9.8.4.7", }, { status: "affected", version: "9.8.4.8", }, { status: "affected", version: "9.8.4.10", }, { status: "affected", version: "9.8.4.12", }, { status: "affected", version: "9.8.4.15", }, { status: "affected", version: "9.8.4.17", }, { status: "affected", version: "9.8.4.25", }, { status: "affected", version: "9.8.4.20", }, { status: "affected", version: "9.8.4.22", }, { status: "affected", version: "9.8.4.26", }, { status: "affected", version: "9.8.4.29", }, { status: "affected", version: "9.8.4.32", }, { status: "affected", version: "9.8.4.34", }, { status: "affected", version: "9.8.4.35", }, { status: "affected", version: "9.8.4.39", }, { status: "affected", version: "9.8.4.40", }, { status: "affected", version: "9.8.4.41", }, { status: "affected", version: "9.8.4.43", }, { status: "affected", version: "9.8.4.44", }, { status: "affected", version: "9.8.4.45", }, { status: "affected", version: "9.8.4.46", }, { status: "affected", version: "9.8.4.48", }, { status: "affected", version: "9.12.1", }, { status: "affected", version: "9.12.1.2", }, { status: "affected", version: "9.12.1.3", }, { status: "affected", version: "9.12.2", }, { status: "affected", version: "9.12.2.5", }, { status: "affected", version: "9.12.2.9", }, { status: "affected", version: "9.12.3", }, { status: "affected", version: "9.12.3.2", }, { status: "affected", version: "9.12.3.7", }, { status: "affected", version: "9.12.4", }, { status: "affected", version: "9.12.3.12", }, { status: "affected", version: "9.12.3.9", }, { status: "affected", version: "9.12.2.1", }, { status: "affected", version: "9.12.4.2", }, { status: "affected", version: "9.12.4.4", }, { status: "affected", version: "9.12.4.7", }, { status: "affected", version: "9.12.4.10", }, { status: "affected", version: "9.12.4.13", }, { status: "affected", version: "9.12.4.8", }, { status: "affected", version: "9.12.4.18", }, { status: "affected", version: "9.12.4.24", }, { status: "affected", version: "9.12.4.26", }, { status: "affected", version: "9.12.4.29", }, { status: "affected", version: "9.12.4.30", }, { status: "affected", version: "9.12.4.35", }, { status: "affected", version: "9.12.4.37", }, { status: "affected", version: "9.12.4.38", }, { status: "affected", version: "9.12.4.39", }, { status: "affected", version: "9.12.4.40", }, { status: "affected", version: "9.12.4.41", }, { status: "affected", version: "9.12.4.47", }, { status: "affected", version: "9.12.4.48", }, { status: "affected", version: "9.12.4.50", }, { status: "affected", version: "9.12.4.52", }, { status: "affected", version: "9.12.4.54", }, { status: "affected", version: "9.12.4.55", }, { status: "affected", version: "9.12.4.56", }, { status: "affected", version: "9.14.1", }, { status: "affected", version: "9.14.1.10", }, { status: "affected", version: "9.14.1.15", }, { status: "affected", version: "9.14.1.19", }, { status: "affected", version: "9.14.1.30", }, { status: "affected", version: "9.14.2", }, { status: "affected", version: "9.14.2.4", }, { status: "affected", version: "9.14.2.8", }, { status: "affected", version: "9.14.2.13", }, { status: "affected", version: "9.14.2.15", }, { status: "affected", version: "9.14.3", }, { status: "affected", version: "9.14.3.1", }, { status: "affected", version: "9.14.3.9", }, { status: "affected", version: "9.14.3.11", }, { status: "affected", version: "9.14.3.13", }, { status: "affected", version: "9.14.3.18", }, { status: "affected", version: "9.14.3.15", }, { status: "affected", version: "9.14.4", }, { status: "affected", version: "9.14.4.6", }, { status: "affected", version: "9.14.4.7", }, { status: "affected", version: "9.14.4.12", }, { status: "affected", version: "9.14.4.13", }, { status: "affected", version: "9.14.4.14", }, { status: "affected", version: "9.14.4.15", }, { status: "affected", version: "9.14.4.17", }, { status: "affected", version: "9.14.4.22", }, { status: "affected", version: "9.15.1", }, { status: "affected", version: "9.15.1.7", }, { status: "affected", version: "9.15.1.10", }, { status: "affected", version: "9.15.1.15", }, { status: "affected", version: "9.15.1.16", }, { status: "affected", version: "9.15.1.17", }, { status: "affected", version: "9.15.1.1", }, { status: "affected", version: "9.15.1.21", }, { status: "affected", version: "9.16.1", }, { status: "affected", version: "9.16.1.28", }, { status: "affected", version: "9.16.2", }, { status: "affected", version: "9.16.2.3", }, { status: "affected", version: "9.16.2.7", }, { status: "affected", version: "9.16.2.11", }, { status: "affected", version: "9.16.2.13", }, { status: "affected", version: "9.16.2.14", }, { status: "affected", version: "9.16.3", }, { status: "affected", version: "9.16.3.3", }, { status: "affected", version: "9.16.3.14", }, { status: "affected", version: "9.16.3.15", }, { status: "affected", version: "9.16.3.19", }, { status: "affected", version: "9.16.3.23", }, { status: "affected", version: "9.16.4", }, { status: "affected", version: "9.16.4.9", }, { status: "affected", version: "9.17.1", }, { status: "affected", version: "9.17.1.7", }, { status: "affected", version: "9.17.1.9", }, { status: "affected", version: "9.17.1.10", }, { status: "affected", version: "9.17.1.11", }, { status: "affected", version: "9.17.1.13", }, { status: "affected", version: "9.17.1.15", }, { status: "affected", version: "9.17.1.20", }, { status: "affected", version: "9.18.1", }, { status: "affected", version: "9.18.1.3", }, { status: "affected", version: "9.18.2", }, { status: "affected", version: "9.18.2.5", }, { status: "affected", version: "9.18.2.7", }, { status: "affected", version: "9.18.2.8", }, { status: "affected", version: "9.19.1", }, ], }, { product: "Cisco Firepower Threat Defense Software", vendor: "Cisco", versions: [ { status: "affected", version: "6.2.3", }, { status: "affected", version: "6.2.3.1", }, { status: "affected", version: "6.2.3.2", }, { status: "affected", version: "6.2.3.3", }, { status: "affected", version: "6.2.3.4", }, { status: "affected", version: "6.2.3.5", }, { status: "affected", version: "6.2.3.6", }, { status: "affected", version: "6.2.3.7", }, { status: "affected", version: "6.2.3.8", }, { status: "affected", version: "6.2.3.10", }, { status: "affected", version: "6.2.3.11", }, { status: "affected", version: "6.2.3.9", }, { status: "affected", version: "6.2.3.12", }, { status: "affected", version: "6.2.3.13", }, { status: "affected", version: "6.2.3.14", }, { status: "affected", version: "6.2.3.15", }, { status: "affected", version: "6.2.3.16", }, { status: "affected", version: "6.2.3.17", }, { status: "affected", version: "6.2.3.18", }, { status: "affected", version: "6.6.0", }, { status: "affected", version: "6.6.0.1", }, { status: "affected", version: "6.6.1", }, { status: "affected", version: "6.6.3", }, { status: "affected", version: "6.6.4", }, { status: "affected", version: "6.6.5", }, { status: "affected", version: "6.6.5.1", }, { status: "affected", version: "6.6.5.2", }, { status: "affected", version: "6.6.7", }, { status: "affected", version: "6.6.7.1", }, { status: "affected", version: "6.4.0", }, { status: "affected", version: "6.4.0.1", }, { status: "affected", version: "6.4.0.3", }, { status: "affected", version: "6.4.0.2", }, { status: "affected", version: "6.4.0.4", }, { status: "affected", version: "6.4.0.5", }, { status: "affected", version: "6.4.0.6", }, { status: "affected", version: "6.4.0.7", }, { status: "affected", version: "6.4.0.8", }, { status: "affected", version: "6.4.0.9", }, { status: "affected", version: "6.4.0.10", }, { status: "affected", version: "6.4.0.11", }, { status: "affected", version: "6.4.0.12", }, { status: "affected", version: "6.4.0.13", }, { status: "affected", version: "6.4.0.14", }, { status: "affected", version: "6.4.0.15", }, { status: "affected", version: "6.4.0.16", }, { status: "affected", version: "6.7.0", }, { status: "affected", version: "6.7.0.1", }, { status: "affected", version: "6.7.0.2", }, { status: "affected", version: "6.7.0.3", }, { status: "affected", version: "7.0.0", }, { status: "affected", version: "7.0.0.1", }, { status: "affected", version: "7.0.1", }, { status: "affected", version: "7.0.1.1", }, { status: "affected", version: "7.0.2", }, { status: "affected", version: "7.0.2.1", }, { status: "affected", version: "7.0.3", }, { status: "affected", version: "7.0.4", }, { status: "affected", version: "7.0.5", }, { status: "affected", version: "7.1.0", }, { status: "affected", version: "7.1.0.1", }, { status: "affected", version: "7.1.0.2", }, { status: "affected", version: "7.1.0.3", }, { status: "affected", version: "7.2.0", }, { status: "affected", version: "7.2.0.1", }, { status: "affected", version: "7.2.1", }, { status: "affected", version: "7.2.2", }, { status: "affected", version: "7.2.3", }, { status: "affected", version: "7.3.0", }, { status: "affected", version: "7.3.1", }, { status: "affected", version: "7.3.1.1", }, ], }, { product: "Cisco Firepower Extensible Operating System (FXOS)", vendor: "Cisco", versions: [ { status: "affected", version: "2.2.1.63", }, { status: "affected", version: "2.2.1.66", }, { status: "affected", version: "2.2.1.70", }, { status: "affected", version: "2.2.2.17", }, { status: "affected", version: "2.2.2.19", }, { status: "affected", version: "2.2.2.24", }, { status: "affected", version: "2.2.2.26", }, { status: "affected", version: "2.2.2.28", }, { status: "affected", version: "2.2.2.54", }, { status: "affected", version: "2.2.2.60", }, { status: "affected", version: "2.2.2.71", }, { status: "affected", version: "2.2.2.83", }, { status: "affected", version: "2.2.2.86", }, { status: "affected", version: "2.2.2.91", }, { status: "affected", version: "2.2.2.97", }, { status: "affected", version: "2.2.2.101", }, { status: "affected", version: "2.2.2.137", }, { status: "affected", version: "2.2.2.148", }, { status: "affected", version: "2.2.2.149", }, { status: "affected", version: "2.3.1.99", }, { status: "affected", version: "2.3.1.93", }, { status: "affected", version: "2.3.1.91", }, { status: "affected", version: "2.3.1.88", }, { status: "affected", version: "2.3.1.75", }, { status: "affected", version: "2.3.1.73", }, { status: "affected", version: "2.3.1.66", }, { status: "affected", version: "2.3.1.58", }, { status: "affected", version: "2.3.1.130", }, { status: "affected", version: "2.3.1.111", }, { status: "affected", version: "2.3.1.110", }, { status: "affected", version: "2.3.1.144", }, { status: "affected", version: "2.3.1.145", }, { status: "affected", version: "2.3.1.155", }, { status: "affected", version: "2.3.1.166", }, { status: "affected", version: "2.3.1.173", }, { status: "affected", version: "2.3.1.179", }, { status: "affected", version: "2.3.1.180", }, { status: "affected", version: "2.3.1.56", }, { status: "affected", version: "2.3.1.190", }, { status: "affected", version: "2.3.1.215", }, { status: "affected", version: "2.3.1.216", }, { status: "affected", version: "2.3.1.219", }, { status: "affected", version: "2.3.1.230", }, { status: "affected", version: "2.6.1.131", }, { status: "affected", version: "2.6.1.157", }, { status: "affected", version: "2.6.1.166", }, { status: "affected", version: "2.6.1.169", }, { status: "affected", version: "2.6.1.174", }, { status: "affected", version: "2.6.1.187", }, { status: "affected", version: "2.6.1.192", }, { status: "affected", version: "2.6.1.204", }, { status: "affected", version: "2.6.1.214", }, { status: "affected", version: "2.6.1.224", }, { status: "affected", version: "2.6.1.229", }, { status: "affected", version: "2.6.1.230", }, { status: "affected", version: "2.6.1.238", }, { status: "affected", version: "2.6.1.239", }, { status: "affected", version: "2.6.1.254", }, { status: "affected", version: "2.6.1.259", }, { status: "affected", version: "2.8.1.105", }, { status: "affected", version: "2.8.1.125", }, { status: "affected", version: "2.8.1.139", }, { status: "affected", version: "2.8.1.143", }, { status: "affected", version: "2.8.1.152", }, { status: "affected", version: "2.8.1.162", }, { status: "affected", version: "2.8.1.164", }, { status: "affected", version: "2.8.1.172", }, { status: "affected", version: "2.8.1.186", }, { status: "affected", version: "2.8.1.190", }, { status: "affected", version: "2.9.1.131", }, { status: "affected", version: "2.9.1.135", }, { status: "affected", version: "2.9.1.143", }, { status: "affected", version: "2.9.1.150", }, { status: "affected", version: "2.9.1.158", }, { status: "affected", version: "2.10.1.159", }, { status: "affected", version: "2.10.1.166", }, { status: "affected", version: "2.10.1.179", }, { status: "affected", version: "2.10.1.207", }, { status: "affected", version: "2.10.1.234", }, { status: "affected", version: "2.11.1.154", }, { status: "affected", version: "2.11.1.182", }, { status: "affected", version: "2.12.0.31", }, { status: "affected", version: "2.12.0.432", }, { status: "affected", version: "2.12.0.450", }, { status: "affected", version: "2.13.0.198", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.\r\n\r The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-73", description: "External Control of File Name or Path", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-25T16:58:27.496Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-fxos-arbitrary-file-BLk6YupL", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL", }, ], source: { advisory: "cisco-sa-fxos-arbitrary-file-BLk6YupL", defects: [ "CSCwb91812", "CSCwd35722", "CSCwd05772", "CSCwd35726", ], discovery: "INTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20234", datePublished: "2023-08-23T18:21:02.413Z", dateReserved: "2022-10-27T18:47:50.369Z", dateUpdated: "2024-08-02T09:05:35.918Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1489
Vulnerability from cvelistv5
Published
2021-04-29 17:31
Modified
2024-11-08 23:22
Severity ?
EPSS score ?
Summary
A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.336Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210428 Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1489", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:44:33.506976Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:22:59.356Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Firepower Threat Defense Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-04-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-29T17:31:10", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210428 Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN", }, ], source: { advisory: "cisco-sa-fdm-dos-nFES8xTN", defect: [ [ "CSCvt11547", "CSCvx30735", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-04-28T16:00:00", ID: "CVE-2021-1489", STATE: "PUBLIC", TITLE: "Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Firepower Threat Defense Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.9", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400", }, ], }, ], }, references: { reference_data: [ { name: "20210428 Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN", }, ], }, source: { advisory: "cisco-sa-fdm-dos-nFES8xTN", defect: [ [ "CSCvt11547", "CSCvx30735", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1489", datePublished: "2021-04-29T17:31:10.090497Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:22:59.356Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-08-10 17:15
Modified
2024-11-21 06:43
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "107E5744-F632-406D-AAE9-C04BF910D042", versionEndExcluding: "9.16.3.19", versionStartIncluding: "9.16.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "299D4D24-6DF2-47DE-8DDD-71F8796A037A", versionEndExcluding: "9.17.1.13", versionStartIncluding: "9.17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "AC4CE962-515C-42EF-A209-1B82330D2049", versionEndExcluding: "9.18.2", versionStartIncluding: "9.18.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "D8E887FA-6D5C-4AAB-BFBF-4239C1822BDF", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "526BB5E8-D3CB-468B-B55A-C1FB032EB45A", versionEndExcluding: "7.2.0.1", versionStartIncluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*", matchCriteriaId: "763B801D-CA1E-4C56-8B06-3373EA307C7E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*", matchCriteriaId: "30AC6907-3091-409F-967D-64A82A0C5A8C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*", matchCriteriaId: "92AE506A-E710-465B-B795-470FDE0E0ECA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*", matchCriteriaId: "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "E6F79864-CA70-4192-AC2C-E174DF3F25B2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*", matchCriteriaId: "EA8B5AF8-6A57-482A-9442-E857EE7E207B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*", matchCriteriaId: "A9929280-2AAC-4B56-A42C-1F6EDE83988E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*", matchCriteriaId: "F29B6BC3-D716-4A3D-9679-B7BE81F719C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*", matchCriteriaId: "D23A26EF-5B43-437C-A962-4FC69D8A0FF4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*", matchCriteriaId: "87403E0F-659C-4C5B-863D-0274D2828A9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*", matchCriteriaId: "73D24C57-2311-48E9-879E-124472E98F6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*", matchCriteriaId: "BE02D38A-5354-47E6-A46F-06D53F14F5A8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*", matchCriteriaId: "F191A423-DB18-4F3A-9D31-C3DD8F185C88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.", }, { lang: "es", value: "Una vulnerabilidad en el manejo de las claves RSA en los dispositivos que ejecutan el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podría permitir a un atacante remoto no autenticado recuperar una clave privada RSA. Esta vulnerabilidad es debido a un error lógico cuando la clave RSA es almacenada en la memoria de una plataforma de hardware que lleva a cabo criptografía basada en hardware. Un atacante podría explotar esta vulnerabilidad al usar un ataque de canal lateral Lenstra contra el dispositivo objetivo. Una explotación con éxito podría permitir al atacante recuperar la clave privada RSA. Las siguientes condiciones pueden observarse en un dispositivo afectado: Esta vulnerabilidad será aplicada a aproximadamente el 5 por ciento de las claves RSA en un dispositivo que esté ejecutando una versión vulnerable del software Cisco ASA o del software Cisco FTD; no es esperado que todas las claves RSA sean afectadas debido a cálculos matemáticos aplicados a la clave RSA. La clave RSA podría ser válida pero tener características específicas que la hacen vulnerable a una posible filtración de la clave privada RSA. Si un atacante obtiene la clave privada RSA, podría usarla para hacerse pasar por un dispositivo que esté ejecutando el software Cisco ASA o el software Cisco FTD o para descifrar el tráfico del dispositivo. Consulte la sección Indicadores de compromiso para obtener más información sobre la detección de este tipo de clave RSA. La clave RSA podría estar malformada y no ser válida. Una clave RSA malformada no es funcional, y una conexión de cliente TLS a un dispositivo que ejecuta el software Cisco ASA o el software Cisco FTD que usa la clave RSA malformada resultará en un fallo de la firma TLS, lo que significa que una versión de software vulnerable creó una firma RSA no válida que falló en la verificación. Si un atacante obtiene la clave privada RSA, podría usarla para hacerse pasar por un dispositivo que esté ejecutando el software Cisco ASA o el software Cisco FTD o para descifrar el tráfico del dispositivo", }, ], id: "CVE-2022-20866", lastModified: "2024-11-21T06:43:42.867", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-10T17:15:08.487", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-203", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-203", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-10 10:15
Modified
2025-04-03 20:53
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
References
Impacted products
{ cisaActionDue: "2021-12-24", cisaExploitAdd: "2021-12-10", cisaRequiredAction: "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.", cisaVulnerabilityName: "Apache Log4j2 Remote Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD64FC36-CC7B-4FD7-9845-7EA1DDB0E627", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "CF99FE8F-40D0-48A8-9A40-43119B259535", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0012304-B1C8-460A-B891-42EBF96504F5", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "F3F61BCB-64FA-463C-8B95-8868995EDBC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B02BCF56-D9D3-4BF3-85A2-D445E997F5EC", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "B5A189B7-DDBF-4B84-997F-637CEC5FF12B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A2DB5BA-1065-467A-8FB6-81B5EC29DC0C", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "035AFD6F-E560-43C8-A283-8D80DAA33025", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "809EB87E-561A-4DE5-9FF3-BBEE0FA3706E", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "4594FF76-A1F8-4457-AE90-07D051CD0DCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "03FA5E81-F9C0-403E-8A4B-E4284E4E7B72", versionEndExcluding: "2.3.1", versionStartIncluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "AED3D5EC-DAD5-4E5F-8BBD-B4E3349D84FC", versionEndExcluding: "2.12.2", versionStartIncluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "D31D423D-FC4D-428A-B863-55AF472B80DC", versionEndExcluding: "2.15.0", versionStartIncluding: "2.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*", matchCriteriaId: "17854E42-7063-4A55-BF2A-4C7074CC2D60", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*", matchCriteriaId: "53F32FB2-6970-4975-8BD0-EAE12E9AD03A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*", matchCriteriaId: "B773ED91-1D39-42E6-9C52-D02210DE1A94", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*", matchCriteriaId: "EF24312D-1A62-482E-8078-7EC24758B710", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8320869-CBF4-4C92-885C-560C09855BFA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*", matchCriteriaId: "755BA221-33DD-40A2-A517-8574D042C261", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:capital:*:*:*:*:*:*:*:*", matchCriteriaId: "9AAF12D5-7961-4344-B0CC-BE1C673BFE1F", versionEndExcluding: "2019.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:capital:2019.1:-:*:*:*:*:*:*", matchCriteriaId: "19CB7B44-1877-4739-AECB-3E995ED03FC9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:capital:2019.1:sp1912:*:*:*:*:*:*", matchCriteriaId: "A883D9C2-F2A4-459F-8000-EE288DC0DD17", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*", matchCriteriaId: "9CD4AC6F-B8D3-4588-B3BD-55C9BAF4AAAC", versionEndExcluding: "10.4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:3.0:*:*:*:*:*:*:*", matchCriteriaId: "8AFD64AC-0826-48FB-91B0-B8DF5ECC8775", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB524B33-68E7-46A2-B5CE-BCD9C3194B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*", matchCriteriaId: "5F852C6D-44A0-4CCE-83C7-4501CAD73F9F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*", matchCriteriaId: "AA61161C-C2E7-4852-963E-E2D3DFBFDC7B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*", matchCriteriaId: "A76AA04A-BB43-4027-895E-D1EACFCDF41B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*", matchCriteriaId: "2A6B60F3-327B-49B7-B5E4-F1C60896C9BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*", matchCriteriaId: "4BCF281E-B0A2-49E2-AEF8-8691BDCE08D5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*", matchCriteriaId: "A87EFCC4-4BC1-4FEA-BAA4-8FF221838EBD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*", matchCriteriaId: "B678380B-E95E-4A8B-A49D-D13B62AA454E", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*", matchCriteriaId: "4557476B-0157-44C2-BB50-299E7C7E1E72", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*", matchCriteriaId: "991B2959-5AA3-4B68-A05A-42D9860FAA9D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*", matchCriteriaId: "7E5948A0-CA31-41DF-85B6-1E6D09E5720B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*", matchCriteriaId: "4C08D302-EEAC-45AA-9943-3A5F09E29FAB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*", matchCriteriaId: "D53BA68C-B653-4507-9A2F-177CF456960F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip_prepay:*:*:*:*:*:*:*:*", matchCriteriaId: "536C7527-27E6-41C9-8ED8-564DD0DC4EA0", versionEndExcluding: "3.8.0.12", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0E180527-5C36-4158-B017-5BEDC0412FD6", versionEndExcluding: "8.6.2j-398", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AFDADA98-1CD0-45DA-9082-BFC383F7DB97", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*", matchCriteriaId: "E33D707F-100E-4DE7-A05B-42467DE75EAC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*", matchCriteriaId: "DD3EAC80-44BE-41D2-8D57-0EE3DBA1E1B1", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*", matchCriteriaId: "2AC8AB52-F4F4-440D-84F5-2776BFE1957A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", matchCriteriaId: "6AF6D774-AC8C-49CA-A00B-A2740CA8FA91", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*", matchCriteriaId: "25FADB1B-988D-4DB9-9138-7542AFDEB672", versionEndExcluding: "2021-12-16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*", matchCriteriaId: "48C6A61B-2198-4B9E-8BCF-824643C81EC3", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*", matchCriteriaId: "BEE2F7A1-8281-48F1-8BFB-4FE0D7E1AEF4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", matchCriteriaId: "C07AFA19-21AE-4C7E-AA95-69599834C0EC", versionEndExcluding: "3.5", versionStartIncluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*", matchCriteriaId: "74D1F4AD-9A60-4432-864F-4505B3C60659", versionEndIncluding: "1.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "7ABA5332-8D1E-4129-A557-FCECBAC12827", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*", matchCriteriaId: "9C3AA865-5570-4C8B-99DE-431AD7B163F1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siguard_dsa:*:*:*:*:*:*:*:*", matchCriteriaId: "9A4B950B-4527-491B-B111-046DB1CCC037", versionEndExcluding: "4.4.1", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*", matchCriteriaId: "83E77D85-0AE8-41D6-AC0C-983A8B73C831", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*", matchCriteriaId: "02B28A44-3708-480D-9D6D-DDF8C21A15EC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*", matchCriteriaId: "2FC0A575-F771-4B44-A0C6-6A5FD98E5134", versionEndIncluding: "4.16.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "6D1D6B61-1F17-4008-9DFB-EF419777768E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*", matchCriteriaId: "9772EE3F-FFC5-4611-AD9A-8AD8304291BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*", matchCriteriaId: "CF524892-278F-4373-A8A3-02A30FA1AFF4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*", matchCriteriaId: "F30DE588-9479-46AA-8346-EA433EE83A5F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*", matchCriteriaId: "4941EAD6-8759-4C72-ABA6-259C0E838216", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "5BF2708F-0BD9-41BF-8CB1-4D06C4EFB777", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*", matchCriteriaId: "0762031C-DFF1-4962-AE05-0778B27324B9", versionEndExcluding: "2020", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*", matchCriteriaId: "96271088-1D1B-4378-8ABF-11DAB3BB4DDC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*", matchCriteriaId: "2595AD24-2DF2-4080-B780-BC03F810B9A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*", matchCriteriaId: "88096F08-F261-4E3E-9EEB-2AB0225CD6F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*", matchCriteriaId: "044994F7-8127-4F03-AA1A-B2AB41D68AF5", versionEndExcluding: "4.70", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*", matchCriteriaId: "A6CB3A8D-9577-41FB-8AC4-0DF8DE6A519C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*", matchCriteriaId: "17B7C211-6339-4AF2-9564-94C7DE52EEB7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*", matchCriteriaId: "DBCCBBBA-9A4F-4354-91EE-10A1460BBA3F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", matchCriteriaId: "12F81F6B-E455-4367-ADA4-8A5EC7F4754A", versionEndExcluding: "2.30", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*", matchCriteriaId: "A5EF509E-3799-4718-B361-EFCBA17AEEF3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*", matchCriteriaId: "8CA31645-29FC-4432-9BFC-C98A808DB8CF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*", matchCriteriaId: "BB424991-0B18-4FFC-965F-FCF4275F56C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "1B209EFE-77F2-48CD-A880-ABA0A0A81AB1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*", matchCriteriaId: "72D238AB-4A1F-458D-897E-2C93DCD7BA6C", versionEndExcluding: "2019.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*", matchCriteriaId: "9778339A-EA93-4D18-9A03-4EB4CBD25459", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*", matchCriteriaId: "1747F127-AB45-4325-B9A1-F3D12E69FFC8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*", matchCriteriaId: "18BBEF7C-F686-4129-8EE9-0F285CE38845", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2020.1:-:*:*:*:*:*:*", matchCriteriaId: "264C7817-0CD5-4370-BC39-E1DF3E932E16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2021.1:-:*:*:*:*:*:*", matchCriteriaId: "C7442C42-D493-46B9-BCC2-2C62EAD5B945", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*", matchCriteriaId: "AD525494-2807-48EA-AED0-11B9CB5A6A9B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*", matchCriteriaId: "1EDCBF98-A857-48BC-B04D-6F36A1975AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "12A06BF8-E4DC-4389-8A91-8AC7598E0009", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:datacenter_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EAD1E1F3-F06B-4D17-8854-2CDA7E6D872D", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*", matchCriteriaId: "18989EBC-E1FB-473B-83E0-48C8896C2E96", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*", matchCriteriaId: "EDE66B6C-25E5-49AE-B35F-582130502222", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*", matchCriteriaId: "22BEE177-D117-478C-8EAD-9606DEDF9FD5", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*", matchCriteriaId: "FC619106-991C-413A-809D-C2410EBA4CDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*", matchCriteriaId: "CA7D45EF-18F7-43C6-9B51-ABAB7B0CA3CD", versionEndExcluding: "10.0.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", matchCriteriaId: "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:brocade_san_navigator:-:*:*:*:*:*:*:*", matchCriteriaId: "25FA7A4D-B0E2-423E-8146-E221AE2D6120", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", matchCriteriaId: "26FCA75B-4282-4E0F-95B4-640A82C8E91C", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "197D0D80-6702-4B61-B681-AFDBA7D69067", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "F3A48D58-4291-4D3C-9CEA-BF12183468A7", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*", matchCriteriaId: "D452B464-1200-4B72-9A89-42DC58486191", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire_enterprise_sds:-:*:*:*:*:*:*:*", matchCriteriaId: "5D18075A-E8D6-48B8-A7FA-54E336A434A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "4E52AF19-0158-451B-8E36-02CB6406083F", versionEndExcluding: "3.5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*", matchCriteriaId: "CB21CFB4-4492-4C5D-BD07-FFBE8B5D92B6", versionEndExcluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*", matchCriteriaId: "97426511-9B48-46F5-AC5C-F9781F1BAE2F", versionEndExcluding: "2021.11_1.162", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "82306B9F-AE97-4E29-A8F7-2E5BA52998A7", versionEndExcluding: "3.0.000.115", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "4C903C85-DC0F-47D8-B8BE-7A666877B017", versionEndExcluding: "3.1.000.044", versionStartIncluding: "3.1.000.000", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "E4C6F9E0-5DCE-431D-AE7E-B680AC1F9332", versionEndExcluding: "3.2.000.009", versionStartIncluding: "3.2.000.000", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*", matchCriteriaId: "52CF6199-8028-4076-952B-855984F30129", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "622BB8D9-AC81-4C0F-A5C5-C5E51F0BC0D1", versionEndExcluding: "4.10.0.16", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*", matchCriteriaId: "38FB3CE1-5F62-4798-A825-4E3DB07E868F", versionEndExcluding: "5.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*", matchCriteriaId: "29CDB878-B085-448E-AB84-25B1E2D024F8", versionEndExcluding: "5.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C25FDA96-9490-431F-B8B6-CC2CC272670E", versionEndExcluding: "5.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "51CD9E4C-9385-435C-AD18-6C36C8DF7B65", versionEndExcluding: "2.9.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "FC0AC4C1-CB06-4084-BFBB-5B702C384C53", versionEndExcluding: "2.10.0.1", versionStartIncluding: "2.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*", matchCriteriaId: "3871EBD2-F270-435A-B98C-A282E1C52693", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8D4DF34B-E8C2-41C8-90E2-D119B50E4E7E", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*", matchCriteriaId: "C8EF64DA-73E4-4E5E-8F9A-B837C947722E", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "66E1E4FC-0B6E-4CFA-B003-91912F8785B2", versionEndExcluding: "2.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1B2390C3-C319-4F05-8CF0-0D30F9931507", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "C154491E-06C7-48B0-AC1D-89BBDBDB902E", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1E98EC48-0CED-4E02-9CCB-06EF751F2BDC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C569DC2A-CFF6-4E13-A50C-E215A4F96D99", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "258A51AC-6649-4F67-A842-48A7AE4DCEE1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "8DC22505-DE11-4A1B-8C06-1E306419B031", versionEndExcluding: "4.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9E31AC54-B928-48B5-8293-F5F4A7A8C293", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "5B8AE870-6FD0-40D2-958B-548E2D7A7B75", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "68E7D83B-B6AC-45B1-89A4-D18D7A6018DD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*", matchCriteriaId: "17660B09-47AA-42A2-B5FF-8EBD8091C661", versionEndExcluding: "1.12.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*", matchCriteriaId: "FBEF9A82-16AE-437A-B8CF-CC7E9B6C4E44", versionEndExcluding: "4.0.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "843147AE-8117-4FE9-AE74-4E1646D55642", versionEndExcluding: "11.3\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7EB871C9-CA14-4829-AED3-CC2B35E99E92", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF8A83D-A282-4661-B133-213A8838FB27", versionEndExcluding: "2.1.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "139CDAA5-63E9-4E56-AF72-745BD88E4B49", versionEndExcluding: "2.2.2.8", versionStartIncluding: "2.2.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "01FD99C4-BCB1-417E-ADCE-73314AD2E857", versionEndExcluding: "2.2.3.4", versionStartIncluding: "2.2.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*", matchCriteriaId: "9031BE8A-646A-4581-BDE5-750FB0CE04CB", versionEndExcluding: "2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*", matchCriteriaId: "15BED3E2-46FF-4E58-8C5D-4D8FE5B0E527", versionEndExcluding: "11.5\\(4\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*", matchCriteriaId: "7C950436-2372-4C4B-9B56-9CB48D843045", versionEndExcluding: "12.0\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B61F186-D943-4711-B3E0-875BB570B142", versionEndIncluding: "4.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*", matchCriteriaId: "2A285C40-170D-4C95-8031-2C6E4D5FB1D4", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3C0F02B5-AA2A-48B2-AE43-38B45532C563", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*", matchCriteriaId: "830BDB28-963F-46C3-8D50-638FDABE7F64", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "54553C65-6BFA-40B1-958D-A4E3289D6B1D", versionEndExcluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*", matchCriteriaId: "439948AD-C95D-4FC3-ADD1-C3D241529F12", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*", matchCriteriaId: "9C2002AE-0F3C-4A06-9B9A-F77A9F700EB2", versionEndExcluding: "2.3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "596A986D-E7DC-4FC4-A776-6FE87A91D7E4", versionEndExcluding: "1.0.9-361", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*", matchCriteriaId: "DD93434E-8E75-469C-B12B-7E2B6EDCAA79", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "78684844-4974-41AD-BBC1-961F60025CD2", versionEndExcluding: "6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "3A00D235-FC9C-4EB7-A16C-BB0B09802E61", versionEndExcluding: "5.3.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "C60FDD1B-898E-4FCB-BDE2-45A7CBDBAF4F", versionEndExcluding: "5.4.5.2", versionStartIncluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "E7A33E5F-BBC7-4917-9C63-900248B546D9", versionEndExcluding: "5.5.4.1", versionStartIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "12D98A7C-4992-4E58-A6BD-3D8173C8F2B0", versionEndExcluding: "5.6.3.1", versionStartIncluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*", matchCriteriaId: "E2DDC1AF-31B5-4F05-B84F-8FD23BE163DA", versionEndExcluding: "2.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*", matchCriteriaId: "A4540CF6-D33E-4D33-8608-11129D6591FA", versionEndExcluding: "6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "129A7615-99E7-41F8-8EBC-CEDA10AD89AD", versionEndExcluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "5F46A7AC-C133-442D-984B-BA278951D0BF", versionEndExcluding: "11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A1A75AB6-C3A7-4299-B35A-46A4BCD00816", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*", matchCriteriaId: "0A73E888-C8C2-4AFD-BA60-566D45214BCA", versionEndExcluding: "14.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*", matchCriteriaId: "4B0D0FD0-ABC6-465F-AB8D-FA8788B1B2DD", versionEndExcluding: "12.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "D673F6F7-C42A-4538-96F0-34CB4F0CB080", versionEndExcluding: "20.3.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "FD374819-3CED-4260-90B6-E3C1333EAAD2", versionEndExcluding: "20.4.2.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "D2D89973-94AF-4BE7-8245-275F3FEB30F4", versionEndExcluding: "20.5.1.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "91A9A889-2C2B-4147-8108-C35291761C15", versionEndExcluding: "20.6.2.1", versionStartIncluding: "20.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*", matchCriteriaId: "D0EEA1EC-C63C-4C7D-BFAE-BA4556332242", versionEndExcluding: "3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE22D97-42FA-4179-99E5-C2EE582DB7FF", versionEndExcluding: "2.0\\(1p\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*", matchCriteriaId: "F6B5DB6D-9E7D-4403-8028-D7DA7493716B", versionEndExcluding: "6.8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*", matchCriteriaId: "B98D7AD5-0590-43FB-8AC0-376C9C500C15", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*", matchCriteriaId: "D9DA1900-9972-4DFD-BE2E-74DABA1ED9A9", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "42A41C41-A370-4C0E-A49D-AD42B2F3FB5C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*", matchCriteriaId: "7E958AFF-185D-4D55-B74B-485BEAEC42FD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*", matchCriteriaId: "F770709C-FFB2-4A4E-A2D8-2EAA23F2E87C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*", matchCriteriaId: "B85B81F9-8837-426E-8639-AB0712CD1A96", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*", matchCriteriaId: "C1CCCD27-A247-4720-A2FE-C8ED55D1D0DE", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "34D89C42-AAD9-4B04-9F95-F77681E39553", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "897C8893-B0B6-4D6E-8D70-31B421D80B9A", versionEndExcluding: "11.6\\(2\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "91D62A73-21B5-4D16-A07A-69AED2D40CC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*", matchCriteriaId: "B0492049-D3AC-4512-A4BF-C9C26DA72CB0", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*", matchCriteriaId: "3868A8AA-6660-4332-AB0C-089C150D00E7", versionEndExcluding: "11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*", matchCriteriaId: "58BD72D6-4A79-49C9-9652-AB0136A591FA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*", matchCriteriaId: "A32761FD-B435-4E51-807C-2B245857F90E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*", matchCriteriaId: "154F7F71-53C5-441C-8F5C-0A82CB0DEC43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*", matchCriteriaId: "65FD3873-2663-4C49-878F-7C65D4B8E455", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0886FB04-24AA-4995-BA53-1E44F94E114E", versionEndExcluding: "7.14.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C61805C1-1F73-462C-A9CA-BB0CA4E57D0B", versionEndExcluding: "2.6.7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5EB39834-0F6D-4BD7-AFEC-DD8BEE46DA50", versionEndExcluding: "3.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B78DD21-15F2-47A4-8A99-6DB6756920AC", versionEndExcluding: "3.4.4", versionStartIncluding: "3.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*", matchCriteriaId: "7C6222EB-36E1-4CD5-BD69-5A921ED5DA6A", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C200CABD-F91B-49C4-A262-C56370E44B4C", versionEndExcluding: "7.3.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*", matchCriteriaId: "DE22BE9B-374E-43DC-BA91-E3B9699A4C7C", versionEndExcluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", matchCriteriaId: "61D1081F-87E8-4E8B-BEBD-0F239E745586", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*", matchCriteriaId: "8D138973-02B0-4FEC-A646-FF1278DA1EDF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", matchCriteriaId: "30B55A5B-8C5E-4ECB-9C85-A8A3A3030850", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*", matchCriteriaId: "14DBEC10-0641-441C-BE15-8F72C1762DCE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*", matchCriteriaId: "205C1ABA-2A4F-480F-9768-7E3EC43B03F5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*", matchCriteriaId: "D36FE453-C43F-448B-8A59-668DE95468C0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*", matchCriteriaId: "E8DF0944-365F-4149-9059-BDFD6B131DC5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*", matchCriteriaId: "6B37AA08-13C7-4FD0-8402-E344A270C8F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*", matchCriteriaId: "2AA56735-5A5E-4D8C-B09D-DBDAC2B5C8E9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*", matchCriteriaId: "4646849B-8190-4798-833C-F367E28C1881", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", matchCriteriaId: "4D6CF856-093A-4E89-A71D-50A2887C265B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", matchCriteriaId: "B36A9043-0621-43CD-BFCD-66529F937859", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", matchCriteriaId: "8842B42E-C412-4356-9F54-DFC53B683D3E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*", matchCriteriaId: "D25BC647-C569-46E5-AD45-7E315EBEB784", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B468EDA1-CDEF-44D4-9D62-C433CF27F631", versionEndExcluding: "3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*", matchCriteriaId: "C90C6CD1-4678-4621-866B-F0CE819C8000", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*", matchCriteriaId: "9E4905E2-2129-469C-8BBD-EDA258815E2B", versionEndExcluding: "10.2.1v2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*", matchCriteriaId: "EC86AC6C-7C08-4EB9-A588-A034113E4BB1", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "82C8AD48-0130-4C20-ADEC-697668E2293B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "4E75EF7C-8D71-4D70-91F0-74FC99A90CC3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "2DB7EE7D-8CB4-4804-9F9D-F235608E86E1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*", matchCriteriaId: "77571973-2A94-4E15-AC5B-155679C3C565", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CA405A50-3F31-48ED-9AF1-4B02F5B367DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*", matchCriteriaId: "D3753953-04E8-4382-A6EC-CD334DD83CF4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B4A5F89F-1296-4A0F-A36D-082A481F190F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F50F48AF-44FF-425C-9685-E386F956C901", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*", matchCriteriaId: "A4D28E76-56D4-4C9A-A660-7CD7E0A1AC9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*", matchCriteriaId: "CD975A0E-00A6-475E-9064-1D64E4291499", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*", matchCriteriaId: "2E50AC21-DA54-4BC8-A503-1935FD1714C7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*", matchCriteriaId: "4D05E169-4AF1-4127-A917-056EC2CE781B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8AD415A2-422E-4F15-A177-C3696FEAFF0C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*", matchCriteriaId: "134443B7-7BA8-4B50-8874-D4BF931BECFD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "73ADF6EA-CD29-4835-8D72-84241D513AFF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*", matchCriteriaId: "BAC1A386-04C7-45B2-A883-1CD9AB60C14B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*", matchCriteriaId: "3F0F1639-D69E-473A-8926-827CCF73ACC9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*", matchCriteriaId: "F4FDF900-E9D6-454A-BF6B-821620CA59F4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*", matchCriteriaId: "1859BD43-BA2B-45A5-B523-C6BFD34C7B01", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*", matchCriteriaId: "1EBC145C-9A2F-4B76-953E-0F690314511C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*", matchCriteriaId: "158B7A53-FEC1-4B42-A1E2-E83E99564B07", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*", matchCriteriaId: "3A378971-1A08-4914-B012-8E24DCDEFC68", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*", matchCriteriaId: "4E5CC012-DC85-481A-B82A-9323C19674DA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*", matchCriteriaId: "76CF59ED-685D-46CD-80A2-AEDA4F03FE53", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*", matchCriteriaId: "960B07C0-E205-47E7-B578-46A0AF559D04", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*", matchCriteriaId: "A1A194E1-405E-47FA-8CDF-58EB78883ACC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*", matchCriteriaId: "2E628231-61FB-40AF-A20B-00F5CB78E63B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*", matchCriteriaId: "2EA25E92-2C76-4722-BA06-53F33C0D961C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*", matchCriteriaId: "51D2940A-0D03-415B-B72E-1F6862DDAC41", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*", matchCriteriaId: "8B346ADC-00BE-4409-B658-A11351D2A7D4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*", matchCriteriaId: "5A0E44A9-C427-493B-868A-8A8DA405E759", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*", matchCriteriaId: "B2B31E7C-0EB3-4996-8859-DF94A3EE20B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*", matchCriteriaId: "3EAB3E03-275F-4942-9396-FC7A22F42C8D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*", matchCriteriaId: "19DAD751-D170-4914-BAB2-6054DFEEF404", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "2F429F37-3576-4D8A-9901-359D65EC3CF4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F526DEF1-4A3E-4FE1-8153-E9252DAE5B92", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C19679D0-F4DC-4130-AFFD-692E5130531A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "60D2FBF3-D8AB-41F0-B170-9E56FBF7E2F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F60324DD-8450-4B14-A7A1-0D5EA5163580", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*", matchCriteriaId: "12F6DFD1-273B-4292-A22C-F2BE0DD3FB3F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "13EA024C-97A4-4D33-BC3E-51DB77C51E76", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "85289E35-C7C2-46D0-9BDC-10648DD2C86F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*", matchCriteriaId: "17282822-C082-4FBC-B46D-468DCF8EF6B8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*", matchCriteriaId: "F5463DA6-5D44-4C32-B46C-E8A2ADD7646B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "54A237CF-A439-4114-AF81-D75582F29573", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*", matchCriteriaId: "A37D19BF-E4F5-4AF4-8942-0C3B62C4BF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*", matchCriteriaId: "EF25688B-6659-4C7C-866D-79AA1166AD7A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*", matchCriteriaId: "47B70741-90D9-4676-BF16-8A21E147F532", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "ED862A1B-E558-4D44-839C-270488E735BB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2678AF98-1194-4810-9933-5BA50E409F88", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "37E7DEBD-9E47-4D08-86BC-D1B013450A98", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "1A935862-18F7-45FE-B647-1A9BA454E304", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*", matchCriteriaId: "69594997-2568-4C10-A411-69A50BFD175F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*", matchCriteriaId: "1EC39E2D-C47B-4311-BC7B-130D432549F4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*", matchCriteriaId: "460E6456-0E51-45BC-868E-DEEA5E3CD366", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*", matchCriteriaId: "F7F58659-A318-42A0-83C5-8F09FCD78982", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*", matchCriteriaId: "D8A49E46-8501-4697-A17A-249A7D9F5A0B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*", matchCriteriaId: "5D81E7A9-0C2B-4603-91F0-ABF2380DBBA3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "4DFCE723-9359-40C7-BA35-B71BDF8E3CF3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*", matchCriteriaId: "28B1524E-FDCA-4570-86DD-CE396271B232", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*", matchCriteriaId: "74DC6F28-BFEF-4D89-93D5-10072DAC39C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*", matchCriteriaId: "BA1D60D7-1B4A-4EEE-A26C-389D9271E005", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "1D726F07-06F1-4B0A-B010-E607E0C2A280", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*", matchCriteriaId: "41E168ED-D664-4749-805E-77644407EAFE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DCD69468-8067-4A5D-B2B0-EC510D889AA0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", matchCriteriaId: "85F22403-B4EE-4303-9C94-915D3E0AC944", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BBCA75A6-0A3E-4393-8884-9F3CE190641E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "D619BF54-1BA9-45D0-A876-92D7010088A0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*", matchCriteriaId: "808F8065-BD3A-4802-83F9-CE132EDB8D34", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*", matchCriteriaId: "B236B13E-93B9-424E-926C-95D3DBC6CA5D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*", matchCriteriaId: "8A63CC83-0A6E-4F33-A1BE-214A33B51518", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*", matchCriteriaId: "37DB7759-6529-46DE-B384-10F060D86A97", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*", matchCriteriaId: "8C640AD9-146E-488A-B166-A6BB940F97D3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*", matchCriteriaId: "DAC1FA7E-CB1B-46E5-A248-ABACECFBD6E8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*", matchCriteriaId: "7C3BD5AF-9FC1-494B-A676-CC3D4B8EAC8D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F477CACA-2AA0-417C-830D-F2D3AE93153A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*", matchCriteriaId: "7E3BE5E1-A6B6-46C7-B93B-8A9F5AEA2731", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*", matchCriteriaId: "04E0BB7B-0716-4DBD-89B9-BA11AAD77C00", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*", matchCriteriaId: "64C98A76-0C31-45E7-882B-35AE0D2C5430", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "379F8D86-BE87-4250-9E85-494D331A0398", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "71F69E51-E59D-4AE3-B242-D6D2CFDB3F46", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "578DA613-8E15-4748-A4B7-646415449609", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "544EFAD6-CE2F-4E1D-9A00-043454B72889", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2E16DF9C-3B64-4220-82B6-6E20C7807BAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B9CD5B8A-9846-48F1-9495-77081E44CBFC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "68E6CD49-6F71-4E17-B046-FBE91CE91CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0BDD8018-7E77-4C89-917E-ACDC678A7DE2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*", matchCriteriaId: "A7D39156-A47D-405E-8C02-CAE7D637F99A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "5426FC59-411D-4963-AFEF-5B55F68B8958", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*", matchCriteriaId: "810E9A92-4302-4396-94D3-3003947DB2A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "522C36A5-7520-4368-BD92-9AB577756493", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CB2EC4BE-FFAF-4605-8A96-2FEF35975540", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CA1D3C2A-E5FA-400C-AC01-27A3E5160477", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63B27050-997B-4D54-8E5A-CE9E33904318", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "5ABF05B8-1B8A-4CCF-A1AD-D8602A247718", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2F74580D-0011-4ED9-9A00-B4CDB6685154", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "17A3C22E-1980-49B6-8985-9FA76A77A836", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B1AB42DC-CE58-448A-A6B5-56F31B15F4A0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*", matchCriteriaId: "9DC32B55-0C76-4669-8EAD-DCC16355E887", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*", matchCriteriaId: "6CDA737F-337E-4C30-B68D-EF908A8D6840", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*", matchCriteriaId: "9DC5A89C-CCCF-49EC-B4FC-AB98ACB79233", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*", matchCriteriaId: "4BA4F513-CBA1-4523-978B-D498CEDAE0CF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*", matchCriteriaId: "6C53C6FD-B98E-4F7E-BA4D-391C90CF9E83", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*", matchCriteriaId: "D00F6719-2C73-4D8D-8505-B9922E8A4627", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*", matchCriteriaId: "EFE9210F-39C5-4828-9608-6905C1D378D4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*", matchCriteriaId: "A1CEDCE4-CFD1-434B-B157-D63329CBA24A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*", matchCriteriaId: "33660EB8-2984-4258-B8AD-141B7065C85E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*", matchCriteriaId: "0ACA346D-5103-47F0-8BD9-7A8AD9B92E98", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A38BDF03-23C8-4BB6-A44D-68818962E7CB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*", matchCriteriaId: "3104C099-FEDA-466B-93CC-D55F058F7CD3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "890EA1C7-5990-4C71-857F-197E6F5B4089", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*", matchCriteriaId: "56F21CF4-83FE-4529-9871-0FDD70D3095E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9331834-9EAD-46A1-9BD4-F4027E49D0C3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "0E707E44-12CD-46C3-9124-639D0265432E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2FEE8482-DB64-4421-B646-9E5F560D1712", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4385CE6E-6283-4621-BBD9-8E66E2A34843", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "9A6CDBD4-889B-442D-B272-C8E9A1B6AEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "FF1E59F9-CF4F-4EFB-872C-5F503A04CCF4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "1782219F-0C3D-45B7-80C7-D1DAA70D90B1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "DDAB3BAD-1EC6-4101-A58D-42DA48D04D0C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "8F7AA674-6BC2-490F-8D8A-F575B11F4BE0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "6945C4DE-C070-453E-B641-2F5B9CFA3B6D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "DAB8C7C0-D09B-4232-A88E-57D25AF45457", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*", matchCriteriaId: "ACEDB7B4-EBD4-4A37-9EE3-07EE3B46BE44", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*", matchCriteriaId: "820D579C-AA45-4DC1-945A-748FFCD51CA2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*", matchCriteriaId: "7B23A9A6-CD04-4D76-BE3F-AFAFBB525F5E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*", matchCriteriaId: "A44E6007-7A3A-4AD3-9A65-246C59B73FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*", matchCriteriaId: "3D508E51-4075-4E34-BB7C-65AF9D56B49F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "376D06D5-D68E-4FF0-97E5-CBA2165A05CF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*", matchCriteriaId: "18ED6B8F-2064-4BBA-A78D-4408F13C724D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*", matchCriteriaId: "94091FE3-AB88-4CF5-8C4C-77B349E716A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "91D62A73-21B5-4D16-A07A-69AED2D40CC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "53F1314A-9A2C-43DC-8203-E4654EF013CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0ADE468B-8F0C-490D-BB4C-358D947BA8E4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "32FEE78D-309E-491D-9AB6-98005F1CBF49", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "878D9901-675D-4444-B094-0BA505E7433F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "66E25EE4-AB7B-42BF-A703-0C2E83E83577", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*", matchCriteriaId: "D8F35520-F04A-4863-A1BC-0EDD2D1804F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "EF9855FD-7747-4D9E-9542-703B1EC9A382", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E07AF386-D8A5-44F5-A418-940C9F88A36A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "113C77DA-AC22-4D67-9812-8510EFC0A95F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4BE221AB-A3B0-4CFF-9BC0-777773C2EF63", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "15941265-1E7E-4C3E-AF1D-027C5E0D3141", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "54AA2B0C-92A1-4B53-88D7-6E31120F5041", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F9BD7207-85FB-4484-8720-4D11F296AC10", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "62E009C4-BE3E-4A14-91EF-8F667B2220A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*", matchCriteriaId: "088512E1-434D-4685-992E-192A98ECAD9A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*", matchCriteriaId: "50A7BBC6-077C-4182-AA7A-577C4AAC3CD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*", matchCriteriaId: "E0536F45-3A49-4F93-942E-AF679DFC7017", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*", matchCriteriaId: "3D54794B-6CD5-46D7-B9E9-62A642143562", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*", matchCriteriaId: "BE844DCA-FF52-43F5-BDD9-836A812A8CFF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*", matchCriteriaId: "07B261EB-CA63-4796-BD15-A6770FD68B34", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*", matchCriteriaId: "29F9067A-B86C-4A6B-ACB7-DB125E04B795", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*", matchCriteriaId: "FAC4CC92-8BA0-4D96-9C48-5E311CDED53F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*", matchCriteriaId: "8F2437A5-217A-4CD1-9B72-A31BDDC81F42", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*", matchCriteriaId: "9C3CFF0D-BD70-4353-AE2F-6C55F8DE56A2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*", matchCriteriaId: "2CE47760-0E71-4FCA-97D1-CF0BB71CAC17", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*", matchCriteriaId: "89B2D4F5-CB86-4B25-8C14-CED59E8A3F22", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*", matchCriteriaId: "B150B636-6267-4504-940F-DC37ABEFB082", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*", matchCriteriaId: "D00B9911-A7CA-467E-B7A3-3AF31828D5D9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*", matchCriteriaId: "B67C08C3-412F-4B7F-B98C-EEAEE77CBE4B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*", matchCriteriaId: "6D428C9B-53E1-4D26-BB4D-57FDE02FA613", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "CDB41596-FACF-440A-BB6C-8CAD792EC186", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D8C88EE2-5702-4E8B-A144-CB485435FD62", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "1BC62844-C608-4DB1-A1AD-C1B55128C560", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*", matchCriteriaId: "EFF2FFA4-358A-4F33-BC67-A9EF8A30714E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*", matchCriteriaId: "53C0BBDE-795E-4754-BB96-4D6D4B5A804F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7A41E377-16F9-423F-8DC2-F6EDD54E1069", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*", matchCriteriaId: "F0C2789E-255B-45D9-9469-B5B549A01F53", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EFAFEC61-2128-4BFA-992D-54742BD4911A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F12AF70E-2201-4F5D-A929-A1A057B74252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*", matchCriteriaId: "A2CBCDC4-02DF-47F4-A01C-7CBCB2FF0163", versionEndExcluding: "8.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C42D44C8-9894-4183-969B-B38FDA1FEDF9", versionEndExcluding: "3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*", matchCriteriaId: "452D8730-F273-4AB4-9221-E82EC2CAAFD8", versionEndExcluding: "6.2.4.2", versionStartIncluding: "6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*", matchCriteriaId: "F2EF5054-EECB-4489-B27A-AACB96B25B97", versionEndExcluding: "6.4.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*", matchCriteriaId: "16E0A04D-30BE-4AB3-85A1-13AF614C425C", versionEndIncluding: "7.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", matchCriteriaId: "E0755E91-2F36-4EC3-8727-E8BF0427E663", versionEndExcluding: "13.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.", }, { lang: "es", value: "Las características JNDI de Apache Log4j2 2.0-beta9 hasta 2.15.0 (excluyendo las versiones de seguridad 2.12.2, 2.12.3 y 2.3.1) utilizadas en la configuración, los mensajes de registro y los parámetros no protegen contra LDAP controlado por un atacante y otros puntos finales relacionados con JNDI. Un atacante que pueda controlar los mensajes de registro o los parámetros de los mensajes de registro puede ejecutar código arbitrario cargado desde servidores LDAP cuando la sustitución de la búsqueda de mensajes está habilitada. A partir de la versión 2.15.0 de log4j, este comportamiento ha sido deshabilitado por defecto. A partir de la versión 2.16.0 (junto con las versiones 2.12.2, 2.12.3 y 2.3.1), esta funcionalidad se ha eliminado por completo. Tenga en cuenta que esta vulnerabilidad es específica de log4j-core y no afecta a log4net, log4cxx u otros proyectos de Apache Logging Services", }, ], id: "CVE-2021-44228", lastModified: "2025-04-03T20:53:22.977", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-12-10T10:15:09.143", references: [ { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", "Broken Link", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { source: "security@apache.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://github.com/cisagov/log4j-affected-db", }, { source: "security@apache.org", tags: [ "Broken Link", "Product", "US Government Resource", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { source: "security@apache.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213189", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Broken Link", "Exploit", "Third Party Advisory", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", "Broken Link", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/cisagov/log4j-affected-db", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Product", "US Government Resource", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Exploit", "Third Party Advisory", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-400", }, { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Primary", }, { description: [ { lang: "en", value: "CWE-917", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-23 19:15
Modified
2024-11-21 07:40
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.
The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*", matchCriteriaId: "AA31612B-EF1E-4676-8423-285C2125C0CB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "E6F79864-CA70-4192-AC2C-E174DF3F25B2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*", matchCriteriaId: "EA8B5AF8-6A57-482A-9442-E857EE7E207B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*", matchCriteriaId: "A9929280-2AAC-4B56-A42C-1F6EDE83988E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*", matchCriteriaId: "F29B6BC3-D716-4A3D-9679-B7BE81F719C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*", matchCriteriaId: "D23A26EF-5B43-437C-A962-4FC69D8A0FF4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110_next-generation_firewall:-:*:*:*:*:*:*:*", matchCriteriaId: "2CC4B991-7160-4C32-9A8E-778602FDE349", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120_next-generation_firewall:-:*:*:*:*:*:*:*", matchCriteriaId: "9DB5299D-3948-474C-B977-8FD2A849945D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140_next-generation_firewall:-:*:*:*:*:*:*:*", matchCriteriaId: "161EEC9B-419D-4C88-B546-04931D0037E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150_next-generation_firewall:-:*:*:*:*:*:*:*", matchCriteriaId: "CDEAEC97-05AC-4E8B-A9A5-14800AAF1EB8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "3EA604D8-76C0-40B9-8675-02BEEA18E432", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:*", matchCriteriaId: "A5D9FDF8-13BF-425F-9802-1A334065D7C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:*", matchCriteriaId: "87403E0F-659C-4C5B-863D-0274D2828A9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:*", matchCriteriaId: "73D24C57-2311-48E9-879E-124472E98F6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:*", matchCriteriaId: "BE02D38A-5354-47E6-A46F-06D53F14F5A8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:*", matchCriteriaId: "F191A423-DB18-4F3A-9D31-C3DD8F185C88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.\r\n\r The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.", }, ], id: "CVE-2023-20234", lastModified: "2024-11-21T07:40:57.383", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-23T19:15:08.277", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-73", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-04 03:15
Modified
2024-11-21 05:31
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "D8AE065A-F2A7-43E0-97ED-75232A9D2E2A", versionEndIncluding: "2.3.1.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en Cisco FXOS Software podría permitir a un atacante local autenticado con credenciales administrativas causar una condición de desbordamiento del búfer. La vulnerabilidad es debido a una comprobación incorrecta de límites de los valores que son analizados desde un archivo específico. Un atacante podría explotar esta vulnerabilidad al suministrar un archivo diseñado que, cuando es procesado, puede causar un desbordamiento del búfer en la región stack de la memoria. Una explotación con éxito podría permitir al atacante ejecutar código arbitrario en el sistema operativo subyacente con privilegios root. Un atacante necesitaría tener credenciales administrativas válidas para explotar esta vulnerabilidad", }, ], id: "CVE-2020-3545", lastModified: "2024-11-21T05:31:17.093", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-04T03:15:11.043", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "D19586BF-E7B0-4805-82C9-301648FC237F", versionEndExcluding: "2.6.1.187", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A19CF844-DCAA-46DD-95FC-1BC200E7DE91", versionEndExcluding: "2.7.1.106", versionStartIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F", versionEndExcluding: "3.2\\(3n\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:hyper-v:*:*", matchCriteriaId: "8CA8CB21-FCD6-43B6-A1F5-904A08351887", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:vsphere:*:*", matchCriteriaId: "B8D38023-2A8F-4A26-AC91-9F76A248872D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*", matchCriteriaId: "882D7344-E38B-4F44-8CDE-1CCA827F28BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.140\\):*:*:*:*:*:*:*", matchCriteriaId: "6AB0B748-003C-471F-A911-9DD3079FA250", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.146\\):*:*:*:*:*:*:*", matchCriteriaId: "8ED46E9E-2851-4154-9862-E24EDB58AA9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(0.191\\):*:*:*:*:*:*:*", matchCriteriaId: "306FA9EB-4D35-456D-9EE3-DA1701E431CC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7.230\\):*:*:*:*:*:*:*", matchCriteriaId: "F92C2920-1313-4141-B460-7FE50D092D01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Cisco Discovery Protocol de Cisco FXOS Software y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario como root o causar una condición de denegación de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad se presenta debido a encabezados de paquetes de Cisco Discovery Protocol comprobados insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete de Cisco Discovery Protocol diseñado para un dispositivo afectado adyacente de Capa 2. Una explotación con éxito podría permitir al atacante causar un desbordamiento del búfer que podría permitirle ejecutar código arbitrario como root o causar una condición de DoS sobre el dispositivo afectado. Nota: Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe estar en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente). Nota: Esta vulnerabilidad es diferente de las siguientes vulnerabilidades de Cisco Discovery Protocol de Cisco FXOS and NX-OS Software que Cisco anunció el 5 de febrero de 2020: Vulnerabilidad de Denegación de Servicio de Cisco Discovery Protocol de Cisco FXOS, IOS XR y NX-OS Software y Vulnerabilidad de Ejecución de Código Remota de Cisco Discovery Protocol de Cisco NX-OS Software.", }, ], id: "CVE-2020-3172", lastModified: "2024-11-21T05:30:28.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.343", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:44
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(3.108\\):*:*:*:*:*:*:*", matchCriteriaId: "1300F966-42F4-4F29-86C6-A11038B17D8B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(3.117\\):*:*:*:*:*:*:*", matchCriteriaId: "D6A2FFB0-D207-4682-AF8E-EE65812FE889", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "4C1BC928-7DB9-499A-8CF4-90C98218E9D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "2A2F42DB-B22B-4880-BA73-D0E0295190DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0E8D1718-F6B6-4AF6-86EE-0DFF5C6F5AEF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)n1\\(0.823\\):*:*:*:*:*:*:*", matchCriteriaId: "2C25D897-0A4D-4FE8-864A-668CDC229CE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9EF9A844-F4E9-4EBD-A704-CE55BCC7A636", versionEndExcluding: "4.0\\(4i\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*", matchCriteriaId: "3721CBFD-3C90-4454-ACB0-57658D848DAE", versionEndExcluding: "4.1\\(2c\\)", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:r231:*:*:*:*:*:*:*", matchCriteriaId: "EC52EFF8-C5A8-4530-B3F5-03BCC023D6AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) del Software Cisco FXOS y el Software Cisco NX-OS, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario con privilegios administrativos o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes de protocolo Cisco UDLD diseñados a un dispositivo afectado directamente conectado. Una explotación con éxito podría permitir al atacante ejecutar código arbitrario con privilegios administrativos o hacer que el proceso de UDLD de Cisco se bloquee y se reinicie varias veces, causando que el dispositivo afectado se recargue y resulte en una condición de DoS. Nota: La función UDLD está deshabilitada por defecto y las condiciones para explotar esta vulnerabilidad son estrictas. El atacante necesita el control total de un dispositivo conectado directamente. Ese dispositivo debe estar conectado a través de un canal de puerto que tenga UDLD habilitado. Para activar la ejecución de código arbitraria, deben existir tanto el canal de puerto habilitado para UDLD como las condiciones específicas del sistema. En ausencia del canal de puerto habilitado para UDLD o de las condiciones del sistema, los intentos de explotar esta vulnerabilidad resultarán en una condición de DoS. Es posible, pero muy poco probable, que un atacante pueda controlar las condiciones necesarias para la explotación. La puntuación CVSS refleja esta posibilidad. Sin embargo, dada la complejidad de la explotación, Cisco ha asignado una calificación de impacto de seguridad media (SIR) a esta vulnerabilidad", }, ], id: "CVE-2021-1368", lastModified: "2024-11-21T05:44:11.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-24T20:15:13.473", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 3.1\(1k\)a | |
| cisco | ucs_6120xp | - | |
| cisco | ucs_6140xp | - | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_9300_security_appliance | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:3.1\\(1k\\)a:*:*:*:*:*:*:*", matchCriteriaId: "0EA36065-8E6E-4B44-9275-6E66D764E752", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "63CFEFD0-F2F2-4220-903C-A11446902C4D", versionEndExcluding: "1.1.4.169", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2695D838-79D5-4C2F-8B41-0900AABAAE48", versionEndExcluding: "2.0.1.135", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "63CFEFD0-F2F2-4220-903C-A11446902C4D", versionEndExcluding: "1.1.4.169", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2695D838-79D5-4C2F-8B41-0900AABAAE48", versionEndExcluding: "2.0.1.135", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, { lang: "es", value: "Una vulnerabilidad en el analizador de la interfaz de línea de comandos de Cisco FXOS y Cisco UCS Fabric Interconnect Software podría permitir que un atacante local autenticado provoque un desbordamiento de búfer en un sistema afectado. Esta vulnerabilidad se debe a la validación de entradas incorrecta en el subsistema del analizador de la interfaz de línea de comandos. Un atacante podría explotar esta vulnerabilidad sobrepasando la longitud esperada de la entrada de usuario. Su explotación con éxito podría permitir que el atacante ejecute código arbitrario con privilegios root en el sistema afectado. Esta vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, ], id: "CVE-2018-0302", lastModified: "2024-11-21T03:37:56.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.367", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(1\) | |
| cisco | nx-os | 6.0\(2\)a6\(1a\) | |
| cisco | nx-os | 6.0\(2\)a6\(2\) | |
| cisco | nx-os | 6.0\(2\)a6\(2a\) | |
| cisco | nx-os | 6.0\(2\)a6\(3\) | |
| cisco | nx-os | 6.0\(2\)a6\(3a\) | |
| cisco | nx-os | 6.0\(2\)a6\(4\) | |
| cisco | nx-os | 6.0\(2\)a6\(4a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5\) | |
| cisco | nx-os | 6.0\(2\)a6\(5a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5b\) | |
| cisco | nx-os | 6.0\(2\)a6\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(7\) | |
| cisco | nx-os | 6.0\(2\)a6\(8\) | |
| cisco | nx-os | 6.0\(2\)a7\(1\) | |
| cisco | nx-os | 6.0\(2\)a7\(1a\) | |
| cisco | nx-os | 6.0\(2\)a7\(2\) | |
| cisco | nx-os | 6.0\(2\)a7\(2a\) | |
| cisco | nx-os | 6.0\(2\)a8 | |
| cisco | nx-os | 6.0\(2\)a8\(1\) | |
| cisco | nx-os | 6.0\(2\)a8\(2\) | |
| cisco | nx-os | 6.0\(2\)a8\(3\) | |
| cisco | nx-os | 6.0\(2\)a8\(4\) | |
| cisco | nx-os | 6.0\(2\)a8\(4a\) | |
| cisco | nx-os | 6.0\(2\)a8\(5\) | |
| cisco | nx-os | 6.0\(2\)a8\(6\) | |
| cisco | nx-os | 6.0\(2\)a8\(6.213\) | |
| cisco | nx-os | 6.0\(2\)a8\(7\) | |
| cisco | nx-os | 6.0\(2\)a8\(7a\) | |
| cisco | nx-os | 6.0\(2\)a8\(7b\) | |
| cisco | nx-os | 6.0\(2\)a8\(8\) | |
| cisco | nx-os | 6.0\(2\)a8\(9\) | |
| cisco | nx-os | 6.0\(2\)a8\(9.7\) | |
| cisco | nx-os | 6.0\(2\)a8\(10\) | |
| cisco | nx-os | 6.0\(2\)a8\(10a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11\) | |
| cisco | nx-os | 6.0\(2\)a8\(11a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11b\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.0\(2\)u5\(2\) | |
| cisco | nx-os | 6.0\(2\)u5\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(4\) | |
| cisco | nx-os | 6.0\(2\)u6 | |
| cisco | nx-os | 6.0\(2\)u6\(0.46\) | |
| cisco | nx-os | 6.0\(2\)u6\(1\) | |
| cisco | nx-os | 6.0\(2\)u6\(1a\) | |
| cisco | nx-os | 6.0\(2\)u6\(2\) | |
| cisco | nx-os | 6.0\(2\)u6\(2a\) | |
| cisco | nx-os | 6.0\(2\)u6\(3\) | |
| cisco | nx-os | 6.0\(2\)u6\(3a\) | |
| cisco | nx-os | 6.0\(2\)u6\(4\) | |
| cisco | nx-os | 6.0\(2\)u6\(4a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5\) | |
| cisco | nx-os | 6.0\(2\)u6\(5a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5b\) | |
| cisco | nx-os | 6.0\(2\)u6\(5c\) | |
| cisco | nx-os | 6.0\(2\)u6\(6\) | |
| cisco | nx-os | 6.0\(2\)u6\(7\) | |
| cisco | nx-os | 6.0\(2\)u6\(8\) | |
| cisco | nx-os | 6.0\(2\)u6\(9\) | |
| cisco | nx-os | 6.0\(2\)u6\(10\) | |
| cisco | nx-os | 6.0\(2\)u6\(10a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(3\) | |
| cisco | nx-os | 6.2\(3n\) | |
| cisco | nx-os | 6.2\(5\) | |
| cisco | nx-os | 6.2\(5a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6a\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(7\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(11b\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\) | |
| cisco | nx-os | 6.2\(14a\) | |
| cisco | nx-os | 6.2\(14b\) | |
| cisco | nx-os | 6.2\(16\) | |
| cisco | nx-os | 6.2\(18\) | |
| cisco | nx-os | 6.2\(20\) | |
| cisco | nx-os | 6.2\(20a\) | |
| cisco | nx-os | 6.2\(22\) | |
| cisco | nx-os | 6.2\(24\) | |
| cisco | nx-os | 6.2\(25\) | |
| cisco | nx-os | 6.2\(27\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)f1 | |
| cisco | nx-os | 7.0\(3\)f2 | |
| cisco | nx-os | 7.0\(3\)f3 | |
| cisco | nx-os | 7.0\(3\)f3\(1\) | |
| cisco | nx-os | 7.0\(3\)f3\(2\) | |
| cisco | nx-os | 7.0\(3\)f3\(3\) | |
| cisco | nx-os | 7.0\(3\)f3\(3a\) | |
| cisco | nx-os | 7.0\(3\)f3\(3b\) | |
| cisco | nx-os | 7.0\(3\)f3\(3c\) | |
| cisco | nx-os | 7.0\(3\)f3\(4\) | |
| cisco | nx-os | 7.0\(3\)f3\(5\) | |
| cisco | nx-os | 7.0\(3\)i2\(1\) | |
| cisco | nx-os | 7.0\(3\)i2\(1a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2\) | |
| cisco | nx-os | 7.0\(3\)i2\(2a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2b\) | |
| cisco | nx-os | 7.0\(3\)i2\(2c\) | |
| cisco | nx-os | 7.0\(3\)i2\(2d\) | |
| cisco | nx-os | 7.0\(3\)i2\(2e\) | |
| cisco | nx-os | 7.0\(3\)i2\(2r\) | |
| cisco | nx-os | 7.0\(3\)i2\(2s\) | |
| cisco | nx-os | 7.0\(3\)i2\(2v\) | |
| cisco | nx-os | 7.0\(3\)i2\(2w\) | |
| cisco | nx-os | 7.0\(3\)i2\(2x\) | |
| cisco | nx-os | 7.0\(3\)i2\(2y\) | |
| cisco | nx-os | 7.0\(3\)i3\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1t\) | |
| cisco | nx-os | 7.0\(3\)i4\(2\) | |
| cisco | nx-os | 7.0\(3\)i4\(3\) | |
| cisco | nx-os | 7.0\(3\)i4\(4\) | |
| cisco | nx-os | 7.0\(3\)i4\(5\) | |
| cisco | nx-os | 7.0\(3\)i4\(6\) | |
| cisco | nx-os | 7.0\(3\)i4\(6t\) | |
| cisco | nx-os | 7.0\(3\)i4\(7\) | |
| cisco | nx-os | 7.0\(3\)i4\(8\) | |
| cisco | nx-os | 7.0\(3\)i4\(8a\) | |
| cisco | nx-os | 7.0\(3\)i4\(8b\) | |
| cisco | nx-os | 7.0\(3\)i4\(8z\) | |
| cisco | nx-os | 7.0\(3\)i4\(9\) | |
| cisco | nx-os | 7.0\(3\)i5 | |
| cisco | nx-os | 7.0\(3\)i5\(1\) | |
| cisco | nx-os | 7.0\(3\)i5\(2\) | |
| cisco | nx-os | 7.0\(3\)i5\(3\) | |
| cisco | nx-os | 7.0\(3\)i5\(3a\) | |
| cisco | nx-os | 7.0\(3\)i5\(3b\) | |
| cisco | nx-os | 7.0\(3\)i6\(1\) | |
| cisco | nx-os | 7.0\(3\)i6\(2\) | |
| cisco | nx-os | 7.0\(3\)i7 | |
| cisco | nx-os | 7.0\(3\)i7\(1\) | |
| cisco | nx-os | 7.0\(3\)i7\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(3\) | |
| cisco | nx-os | 7.0\(3\)i7\(3z\) | |
| cisco | nx-os | 7.0\(3\)i7\(4\) | |
| cisco | nx-os | 7.0\(3\)i7\(5\) | |
| cisco | nx-os | 7.0\(3\)i7\(5a\) | |
| cisco | nx-os | 7.0\(3\)i7\(6\) | |
| cisco | nx-os | 7.0\(3\)i7\(6z\) | |
| cisco | nx-os | 7.0\(3\)i7\(7\) | |
| cisco | nx-os | 7.0\(3\)i7\(8\) | |
| cisco | nx-os | 7.0\(3\)ia7\(1\) | |
| cisco | nx-os | 7.0\(3\)ia7\(2\) | |
| cisco | nx-os | 7.0\(3\)ic4\(4\) | |
| cisco | nx-os | 7.0\(3\)im3\(1\) | |
| cisco | nx-os | 7.0\(3\)im3\(2\) | |
| cisco | nx-os | 7.0\(3\)im3\(2a\) | |
| cisco | nx-os | 7.0\(3\)im3\(2b\) | |
| cisco | nx-os | 7.0\(3\)im3\(3\) | |
| cisco | nx-os | 7.0\(3\)im7\(2\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(0.1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(0\)n1\(1\) | |
| cisco | nx-os | 7.2\(1\)d\(1\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1b\) | |
| cisco | nx-os | 8.0\(1\) | |
| cisco | nx-os | 8.1\(1\) | |
| cisco | nx-os | 8.1\(1a\) | |
| cisco | nx-os | 8.1\(1b\) | |
| cisco | nx-os | 8.1\(2\) | |
| cisco | nx-os | 8.1\(2a\) | |
| cisco | nx-os | 8.2\(1\) | |
| cisco | nx-os | 8.2\(2\) | |
| cisco | nx-os | 8.2\(3\) | |
| cisco | nx-os | 8.2\(4\) | |
| cisco | nx-os | 8.2\(5\) | |
| cisco | nx-os | 8.3\(1\) | |
| cisco | nx-os | 8.3\(2\) | |
| cisco | nx-os | 8.4\(1\) | |
| cisco | nx-os | 8.4\(1a\) | |
| cisco | nx-os | 9.2\(1\) | |
| cisco | nx-os | 9.2\(2\) | |
| cisco | nx-os | 9.2\(2t\) | |
| cisco | nx-os | 9.2\(2v\) | |
| cisco | nx-os | 9.2\(3\) | |
| cisco | nx-os | 9.2\(3y\) | |
| cisco | nx-os | 9.3\(1\) | |
| cisco | nx-os | 9.3\(1z\) | |
| cisco | nx-os | 9.3\(2\) | |
| cisco | nx-os | 9.3\(3\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132c-z | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3132q-xl | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3172pq-xl | - | |
| cisco | nexus_3172tq | - | |
| cisco | nexus_3172tq-32t | - | |
| cisco | nexus_3172tq-xl | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264c-e | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3408-s | - | |
| cisco | nexus_34180yc | - | |
| cisco | nexus_3432d-s | - | |
| cisco | nexus_3464c | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548 | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nexus_36180yc-r | - | |
| cisco | nexus_3636c-r | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nexus_9000v | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6300 | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AECBA131-0D2F-466D-847B-60F72199C90E", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B3A7CA3B-47C2-4721-B8A9-14C2C02969E0", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF658ED7-F77C-405B-B06A-74B46FBDAD98", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "7295EC54-FA19-4658-8510-3C072804D9E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B31E39D5-147B-4965-ACB6-34F1244143F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3D672928-6AE8-488B-A2A5-257074BAB2D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E64D8992-CA79-4ADF-BF3B-A76E944EC740", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "11A35378-54EB-422F-B0DD-211B214803D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "1E46D326-665C-4DB7-89A0-0F1B987D4A18", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "73B9FE4E-0C82-4511-9A4A-DCBFEB93DE87", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "BB8F0200-7BCA-49E9-98E0-D825630D77FF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "61FCA143-FDAB-472D-B9E1-F7CB4041BBE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "61F736DD-44FE-4A20-AF89-4B29725608A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8844860D-427F-4B01-980A-59B082F26034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "CCA96B43-0793-4784-A971-DD442EBFF6BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "B13305C9-008F-488A-ADC7-0724AFB313DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "50DFAF49-0688-4A5A-9023-E2543164D89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "46376F5C-2CF0-46F1-ADCF-870065A24D12", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "5EB6C0E3-9B92-4768-93BB-8B8626EB164A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "F4EA572E-5F4F-45F1-B7A1-346F723C2BDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A6EA3CBB-EAF7-4837-96AF-0258220C4A5A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "5E6FB730-84CD-496D-9140-BC9375548D14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "BD712B88-298A-4488-A053-67CB45190F57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4ED5F397-D3E6-4A4A-BF38-6B295A6AB9BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "11D98EBD-9D82-492E-A3A6-62D95404D5C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "56D91C38-76AB-47F5-BDDE-E940D87C34F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "EF78015A-5C28-4FD2-915E-EC343201A9D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*", matchCriteriaId: "9DCBF1FE-C124-4DBA-B127-D484D5C9110C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "31308B18-062C-4DB8-9241-F15661C06398", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "ED17D340-9C18-4B1E-BA15-CAE2ADAAD38E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "310856A9-CA62-4C1A-A4C9-B6EECC36F496", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "3D295366-662E-4C8E-9758-3DB801E0ABA8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "F09360A9-3FB1-465F-977E-643942D01FE8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "6A97A6BE-A27A-4D53-AB63-2A2631F20EAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "3F034BF4-31E6-46FB-B082-EA22FFE51AAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6.213\\):*:*:*:*:*:*:*", matchCriteriaId: "17B9D603-75C0-4241-BD4B-3C891A2C5BD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "063BB311-EC8D-43E5-9B9D-56C96121EB9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*", matchCriteriaId: "003AAC03-306E-4D12-B4C7-7ECA4ED88884", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0DAA33-3841-4C14-A137-93E1810CC866", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "ACD5B480-2780-48EB-B361-4EF4833D97E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "B0500999-E48F-4FE1-9B92-C1E179651CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*", matchCriteriaId: "98CFE9BB-7BFE-4782-B602-2C6A1392693F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "629488D4-D8A4-4152-A4D3-E951F199C6DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*", matchCriteriaId: "2D8F0A63-8229-46E8-94A6-CDBB1E8F91E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD3C773-0B71-4FF2-9DCD-2875CFDE3308", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*", matchCriteriaId: "B07F6A0D-82C3-4C2C-9715-3D07083E6F56", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "03901678-2CCB-4ED5-AF04-D8469BF12804", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DA600413-FC70-4776-99DF-180C96D4FD24", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "ECC9066F-3082-48A0-BA52-9ED9420EA47A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "78611E25-E33E-4C88-A681-97B5A2A01B51", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "780B04ED-412E-441F-8717-D8F9257F5699", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AD2AABBD-8680-4615-A4E2-B607CB1B0979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "693F444B-FA34-489C-BB45-E9185DE47816", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "13669043-3F12-4439-812F-6DE35F70B159", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "58A8BDE0-2F73-4E0C-B73A-918DB3352067", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "625BE6B1-12A7-4A8A-A816-E82C026E0457", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "4EAC2920-462B-44F0-8E93-7875C2F74592", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "35957A41-D8F2-4BC1-986B-C3E271327D64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "10BFAE68-01C5-4EF8-8B86-F470092E9034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6D02FC11-EB21-45CD-A070-89C4862240BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8C67AE59-380A-402B-9B2A-F595E001637B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "4301927C-7A6D-4DA9-9470-9182E7FB234A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C71ED401-6786-4AAE-A98F-BE4732256A7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B5EC76-A4A7-41C0-9F37-5EC85FD1EB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "66BC7FC9-1167-41C5-9B0E-7D68400F3C39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "A6EB46CC-2939-4326-8CB9-504D7C7EF05E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6:*:*:*:*:*:*:*", matchCriteriaId: "0CDB1D59-C964-4D30-B55E-08E68562300C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(0.46\\):*:*:*:*:*:*:*", matchCriteriaId: "62C7EA58-2F17-41B2-8955-CADE8B7D2FED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8845147E-D3B1-41B9-BBD2-77B2823F3AD0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "8F7B2F23-F532-40D2-884E-D86785B33296", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1FC4F349-9E1C-4DD8-BC07-6CB67053BCDF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "D498C133-AA11-49C4-B065-F27CE776D318", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08032AAC-F094-4717-A56F-89289FBD1F3B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "C5ADD4D3-206C-4609-AB2A-F6945D56627B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "07645F73-AC79-4BB8-A98E-1740F7D6EC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "9DC56869-4665-49D1-89F2-8ED97727BD94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "147D1A4A-6404-47E3-B1A6-4C001C8DD9E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "1162691A-6C92-448A-8F1B-2DEFB623F1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "57524BA3-CF08-4F0F-95C9-F1417B4B83E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*", matchCriteriaId: "D0E214C2-24CF-43EC-BC27-2E6AA77254DF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0D74A0-C4B2-46EC-A9FF-562A997E3150", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "817A45B4-7C79-4D1A-B889-18A937CF8361", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "155F3CB7-A85B-4897-A4E2-F485FDF44AD4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "9D34CAB5-0832-45B1-B13F-49B763AFB74F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "7C0DB182-F37A-4230-BD6F-461C3195FAF4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10a\\):*:*:*:*:*:*:*", matchCriteriaId: "065A0E6C-E0BD-4BD1-97EB-723EC4BDFA60", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C857C0F-B023-4CF7-9916-6735C40425F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "DD503699-A02E-4A62-827F-0906C94448EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "D4C558C0-ECA4-408D-A5DF-2A175E48EAE2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "C4947F0C-B1F5-4BA0-A6F0-F08C25554E68", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*", matchCriteriaId: "11E66F3E-9482-4F30-8480-F036F3C68B61", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "07863B2B-D780-4641-BADE-A5AFFAD95E57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*", matchCriteriaId: "A555382D-9D35-4931-B3B0-DD4D956AB7AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14a\\):*:*:*:*:*:*:*", matchCriteriaId: "65CCE422-71DB-4500-AC91-9FB4DD5924A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14b\\):*:*:*:*:*:*:*", matchCriteriaId: "C37B944B-CFB6-41F6-B4ED-049BEB3732E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*", matchCriteriaId: "985752BE-AC65-47BC-97F5-36C2E44E55D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*", matchCriteriaId: "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A61F7E-9929-48F5-85BA-72E744AF30B2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*", matchCriteriaId: "DA24A851-F051-41A8-A33E-7296AD199306", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*", matchCriteriaId: "52E6911E-3DD8-4FCC-A1B5-613098B25337", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*", matchCriteriaId: "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(25\\):*:*:*:*:*:*:*", matchCriteriaId: "0B86774A-900E-4A02-B671-C13C18965358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*", matchCriteriaId: "D23ADF50-748F-4795-B564-6D934B95F8D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1:*:*:*:*:*:*:*", matchCriteriaId: "26AAAA6C-70FB-4562-AE8B-1BCB9A0DDA49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2:*:*:*:*:*:*:*", matchCriteriaId: "B4243B6B-7DC5-46D9-A918-5D2BD74561F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3:*:*:*:*:*:*:*", matchCriteriaId: "1BFF2221-DCA4-4217-8199-76EFC43DD639", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "45A37F82-44B3-426C-A344-9054599BB426", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "53378B5F-4A5B-425D-B8BE-455FAF924551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3b\\):*:*:*:*:*:*:*", matchCriteriaId: "F2CB77FE-97B4-439F-BED0-59688252E87D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "076216C6-C115-4C7C-A9E3-46A3986DA2AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A819AE96-3933-4AD2-AF30-36E199393E01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7C8C0FF6-E9E5-4191-8C21-E8CB3F6BF7D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "D2BA7EF9-FDA1-4A2D-88B2-67042367C90C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A2FBF6CB-DE31-453D-BF47-89D0766D3020", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "046E260B-F842-41BA-914B-ACD7B71AB62F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "AAF537FC-B681-4F52-9324-9A4AC29651AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B2E736-F9D2-453A-9998-38800CC875F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "3E8CEAC9-1C53-46A6-A18A-2A970D587C0F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "851E1B4E-40C4-4639-8FC6-C9DEC6FB2744", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2r\\):*:*:*:*:*:*:*", matchCriteriaId: "2C24518B-D2D5-471A-BB19-B839792607D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "8D93FA53-ADC0-4031-B693-84111E1EEDC2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "2B3E4490-6DD8-44BE-A681-105F526AE6E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2w\\):*:*:*:*:*:*:*", matchCriteriaId: "E02F54C2-C551-4FC4-A6FF-737CFD465D37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2x\\):*:*:*:*:*:*:*", matchCriteriaId: "77C98C47-688B-404B-A6CD-96AD5C0FD7F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2y\\):*:*:*:*:*:*:*", matchCriteriaId: "3D20DDF8-145B-443D-8D92-404F574929F0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DBAC49A1-91FC-4D55-BD74-42C918CCFDC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4142F873-0492-4ACC-88F9-3A243128D0EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*", matchCriteriaId: "CAEFC7FE-718E-4544-A86B-3243C2C14EDC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "30A500F4-1899-4F96-98E3-9330146A7963", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "FE52C974-3930-4AC9-907B-8E6B325D6A1E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD07DE9-5C98-4A63-A741-8E69E9F125D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*", matchCriteriaId: "5D1D8118-6E39-44B5-ABD7-B7ED3A80766D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "6A35B6DA-BF07-4579-8D6A-65CD8E052482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "EF0B3DB8-8121-4FDC-8A11-42AB619101EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "70830AB5-C86B-4726-A982-6F104910153E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*", matchCriteriaId: "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E0904B27-2FA3-4B8D-9706-98B0376B5FC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5:*:*:*:*:*:*:*", matchCriteriaId: "D9B7B5DE-1177-466F-B6AD-9641EAC0E113", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B1D86994-83EE-4D09-B79A-70CB22C077C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "654694A7-394C-4843-9197-91FC00445E40", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "1798EAC2-026C-4757-860F-D7417A2BA881", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*", matchCriteriaId: "FD83DA54-DF65-4837-90AD-837F75412E69", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "00953B63-7DBB-4A67-B41D-321C2ECDE79A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", matchCriteriaId: "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "80B54786-DA2A-4E2D-9835-6A7939931928", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7688EC58-4647-4A08-9E86-A71EA7C41B88", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*", matchCriteriaId: "6E7DA901-990A-4388-9B72-943E77269B4E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D5AD2254-158D-4BEE-B36C-242813F4BA37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "4480D800-595F-44CB-85ED-7E17A34A5BEF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "AD015889-3893-4781-B18D-6125A9B6CE39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6z\\):*:*:*:*:*:*:*", matchCriteriaId: "4E355839-76C1-4D48-9892-53EEADD2B629", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "89541F84-0C10-4757-8D25-80FC4464EC23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "371AEAF3-39CA-4837-BA5A-D80826933C9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C474B035-BFDC-4617-9285-D10C970342A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "D9D9DD45-8C38-4753-9168-0E5BF96146DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "259F3DCA-D218-4CF1-9CB4-23ECB070719F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C55F18EF-F751-400F-88DD-76ADD2B60BE7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AE1D0444-6A5E-4252-B761-28FEFAEE8BAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "578691EB-19D3-4B75-9783-B6D4F0FE1CEA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C89EAEB-1944-4082-B1AF-CEAC39BE762A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DD8BA29C-7F6E-492A-8EB1-A2D6391C5120", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "32EB01A2-9A00-4EFF-80F0-D192C79B1489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58292522-F486-410D-AD99-DFD6EC0AA9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A462729A-720F-4180-96DD-713A70CEF494", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A07ACF87-C694-41DB-B4BD-23CE72E32EED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "832DE1DB-0D1C-4C24-8E2D-D182205C94B0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*", matchCriteriaId: "D0FBFB9B-703D-42F8-93BA-969AB7284106", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C95519E-7536-4EF7-8222-D4089500F826", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "71F56568-57E6-4C1C-AC8A-D96E097E449E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F631EAC6-1D33-485E-9E00-8572FA015C26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "25CEAE9E-DD9B-41E2-BC39-3332F428B489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DE199525-4C2D-48C2-A76C-BD14BF2851F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E3644F66-F964-4D50-A6E0-EE8784490BD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "72AD166D-7CBF-4A4D-A376-907DDA1BB504", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC9BC24B-BEB3-4D55-93C8-8334B8BC0BC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6C801D4A-E604-49CA-8D14-13622E85C563", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "EC78BEB7-47D1-4544-BC40-AB5D73B93D78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEB91EC-E548-4C53-920F-C4871BC464B8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0282F963-2C1F-44F7-A0D0-4929685051AA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "A1F519D0-64BC-4862-8894-4F6C248253C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "94A247A8-E918-4757-9ADE-251B027CD307", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "195CD630-4949-4B52-B9FF-94F3DEFB47AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "225E5070-B635-4752-B771-0E721C96C2AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9103A92E-C9F3-401B-AE30-66466210ADED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9E5CD729-234E-43C0-A6A3-A3E0983A6605", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4A30E576-56F8-4EBA-AADE-C70655DE6E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "74415A0A-A3F4-43BB-B609-B6641771D655", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B5ED7424-EB12-4C21-97C8-082156716C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "16359104-2DB6-41D6-97A8-8CA1C3AB5688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "6BF973CD-3315-4D86-8F89-05DC97C736AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E485E99D-F421-487D-86E7-A2D119623D47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2622260B-F77B-4510-9B9D-078B994BBE64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "94AA886F-7BD1-4699-B1D3-E495EFCA2812", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2768DEF1-3DFA-4683-9D8D-C5915D8E7365", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3CD05045-E867-4B7E-ACE4-7B6EA69971AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FF9B10D1-29C0-4B16-813A-B535C4C64E47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "84551391-3A13-42EC-855F-FBB3453F65D4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "569B3CE7-CA06-4636-8043-7ED7635195A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "41A683FE-68AF-43E4-B846-2E82ACDD5E4C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C8B149C-D842-496A-BE21-41920F95139C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8D72F0B8-D229-4995-A053-62FA6591DCBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FADC755B-3AB3-43D6-8495-1FABCBD548E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "42D84BD8-D76B-422E-9E46-4A667A981FAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "03607526-7F9E-43F5-94ED-3ED0B4D29DF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D8025943-EA09-47E6-9109-7DAF078F8F26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "1A727000-44CC-461C-A7D6-0B9A99CB974A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "105B6601-D756-4B76-9554-5B6E027A5E8E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "98FC292D-27D3-40CF-98C5-AF47686FC134", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0C23B353-3500-4FA4-90CE-624A29B1048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9B1340D1-8EE8-484F-979A-AB9E34D35EB3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "29002523-6405-4198-A5E5-630A4B661767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "86E5CF27-5661-41DF-B339-740718760AC6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6AE0D110-D8D7-4D50-A599-618A5120EDD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "586E9024-C983-4CFF-9A3F-A39256E09910", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "B2B7951C-8376-49C3-BF50-E6B65909A739", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AB556839-151C-492E-B4C3-C024276D5AB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3A8D89C0-8C65-487B-9F2D-FFE31AE5BBCC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "409A92B8-F9A5-401E-B77F-177C48B22F23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "298709C4-69BF-48BA-A317-4251B5461A0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "0EF15089-A16E-47CC-AB52-78AB85F681BF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3FB0B238-4F3A-4569-89B0-ED80533D87C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CF90B861-F48B-45DF-ACB8-F91030106181", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "CAB301FC-988F-4FC3-A097-E926E541F098", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "6CFA19E0-0121-4422-83AF-94039520A0F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "03201B37-841C-432F-8643-352833381373", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B8E31F-6B33-43E0-9585-5736D54FE876", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3C828C0E-99E6-4DEF-9EB3-672DEB61F479", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2636B1F1-8C40-44A4-B96B-C84EC244685E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "D0A868C7-1060-4A48-819E-013F435F08D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "6EB58108-78E4-4208-A549-C86B37422828", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3y\\):*:*:*:*:*:*:*", matchCriteriaId: "AA0623C0-E021-4DA0-926A-4466DDBC0BA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1z\\):*:*:*:*:*:*:*", matchCriteriaId: "F62AE0F2-812F-450E-BE9D-01A3AD15028E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "20FF2A5A-CB80-4F58-856D-724AACB0864C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B4F21A73-278B-4CEC-A887-E4FB53C6AA94", versionEndExcluding: "3.2\\(3o\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "00B4CC8B-AA85-43E5-962A-0F0E003D95FF", versionEndExcluding: "4.0\\(4i\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EB2E352F-4A19-4612-970B-12978D869A09", versionEndExcluding: "4.1\\(1c\\)", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Fabric Services de Cisco FXOS Software y Cisco NX-OS Software, podría permitir a un atacante no autenticado causar bloqueos en el proceso, lo que podría resultar en una condición de denegación de servicio (DoS) en un dispositivo afectado. El vector de ataque es dependiente de la configuración y podría ser remoto o adyacente. Para obtener más información sobre el vector de ataque, consulte la sección Detalles de este aviso. La vulnerabilidad es debido a un manejo insuficiente de errores cuando el software afectado analiza los mensajes de Cisco Fabric Services. Un atacante podría explotar esta vulnerabilidad mediante el envío de mensajes maliciosos de Cisco Fabric Services hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una recarga de un dispositivo afectado, lo que podría resultar en una condición DoS", }, ], id: "CVE-2020-3517", lastModified: "2024-11-21T05:31:14.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.550", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-13 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108350 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | Vendor Advisory | |
| psirt@cisco.com | https://www.kb.cert.org/vuls/id/400865 | Third Party Advisory, US Government Resource | |
| psirt@cisco.com | https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108350 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/400865 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asa_5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "524E28A1-ABD9-416B-804C-EFFD7F822DE5", versionEndExcluding: "1.1.15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*", matchCriteriaId: "763B801D-CA1E-4C56-8B06-3373EA307C7E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*", matchCriteriaId: "30AC6907-3091-409F-967D-64A82A0C5A8C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*", matchCriteriaId: "92AE506A-E710-465B-B795-470FDE0E0ECA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*", matchCriteriaId: "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32B7016C-C909-4F30-A80E-E30E9C2FB607", versionEndExcluding: "2.6.1.134", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B8DB36E-D0AC-4FFC-8FDB-C5520689013A", versionEndExcluding: "1.0.18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E924AE61-94D5-4A68-A586-CA7119487F67", versionEndExcluding: "1.0.18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ons_15454_mstp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F8A7F11-B920-4C5B-B3CA-D29740FFE891", versionEndExcluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ons_15454_mstp:-:*:*:*:*:*:*:*", matchCriteriaId: "BEBE1DDE-6C69-45EC-A666-D9596E8721DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:analog_voice_network_interface_modules_firmware:*:*:*:*:*:*:4000_series_isrs:*", matchCriteriaId: "00BCB49E-E2D2-4374-8D48-A287FC538F4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nim-2bri-nt\\/te:-:*:*:*:*:*:*:*", matchCriteriaId: "637D7CA3-89CD-418A-BF87-0935A7805173", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fox:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBE2B16-B9AD-4ED2-AE18-7087C478FEEC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxs:-:*:*:*:*:*:*:*", matchCriteriaId: "D94B415B-08E2-4845-BD11-7EBCD08215E0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxs\\/4fxo:-:*:*:*:*:*:*:*", matchCriteriaId: "784ECC2E-F4AC-4430-9F33-9B1DBD89692F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxs\\/4fxop:-:*:*:*:*:*:*:*", matchCriteriaId: "8A34FAE4-7B2A-47BF-AB0A-5FAF8E8920CE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxsp:-:*:*:*:*:*:*:*", matchCriteriaId: "3FADBF85-52F4-468C-A44C-5107484757EA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4bri-nt\\/te:-:*:*:*:*:*:*:*", matchCriteriaId: "90E418C4-F91B-4E0D-B1DC-2B099D991F80", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4e\\/m:-:*:*:*:*:*:*:*", matchCriteriaId: "E22A4B07-04DF-4AF2-B2A9-E4430C4F3A64", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4fxo:-:*:*:*:*:*:*:*", matchCriteriaId: "DFDCD640-E1BB-48F8-BEB4-85AAF7099FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4fxs:-:*:*:*:*:*:*:*", matchCriteriaId: "893147FC-1AD0-441C-B031-6C432ED2FFD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4fxsp:-:*:*:*:*:*:*:*", matchCriteriaId: "DE30FCF9-DFF6-419C-8DCA-0B695E3FADE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_t1\\/e1_voice_and_wan_network_interface_modules_firmware:*:*:*:*:*:*:4000_series:*", matchCriteriaId: "239EC4DE-5E2C-44D7-9C32-BFCD854670AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nim-1ce1t1-pri:-:*:*:*:*:*:*:*", matchCriteriaId: "F2956624-92FC-43D7-A038-15071A90E0B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-1mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "988125C4-DB88-438F-8F6D-0992424081A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2ce1t1-pri:-:*:*:*:*:*:*:*", matchCriteriaId: "AD9B34B9-78EC-49AE-B342-F2BAD63CD50C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "5D258F96-93A5-455E-9542-2C95B3D31455", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "B443FC34-767F-45B4-8516-A1A8B6C8D917", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-8ce1t1-pri:-:*:*:*:*:*:*:*", matchCriteriaId: "08C3403A-3943-4A69-A536-3FA6DEDFF21B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-8mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "7259F6BC-BA31-47E4-BFA6-647068A946CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:supervisor_a\\+_firmware:*:*:*:*:*:*:nexus_9500:*", matchCriteriaId: "3F825D9C-25C6-4F76-A7EE-F61A548A0CE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "360B9A25-5272-487A-AF1A-CE2FDFD6F23C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:supervisor_b\\+_firmware:*:*:*:*:*:*:nexus_9500:*", matchCriteriaId: "77C59A0F-F256-42C3-A3E1-71F02614F55A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "3ADE8708-95D4-4D30-85ED-BE870410F3B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:15454-m-wse-k9_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F99FC1A-2738-468B-BD01-4F715A1B7809", versionEndExcluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:15454-m-wse-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "90242967-37AB-4124-87DE-D826A3895BE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "EB99D062-EE0C-4695-AA4D-2DCE3E2B15AF", versionEndExcluding: "16.12.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:cbr-8_converged_broadband_router:-:*:*:*:*:*:*:*", matchCriteriaId: "D6CCBE67-E509-43EC-9AFB-8A9B6A115126", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "39C9F8C2-9E34-4027-9112-42AEC0B84F7C", versionEndExcluding: "16.3.9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "76843179-3569-4556-9F4C-6543B8A8E1DE", versionEndExcluding: "16.6.7", versionStartIncluding: "16.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "1B526102-9DDC-4E23-B582-DEF7EA35E42C", versionEndExcluding: "16.9.4", versionStartIncluding: "16.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "F50DDAE4-2C87-4B8B-9BCB-2FD32A6976D6", versionEndExcluding: "16.12.1", versionStartIncluding: "16.10.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nim-1ge-cu-sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "C56A1D02-3061-40C5-AD87-0BEA869838F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2ge-cu-sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "1F98C767-8E9F-4B01-A09E-359A496B2B3A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-1000:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCAA286-6B36-4EB7-9AE5-CA082D125E78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-2000:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B1C2CF-0EF1-428F-8FB8-D45E4C6CB340", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-3000:-:*:*:*:*:*:*:*", matchCriteriaId: "450EA21E-68E0-4617-85A9-9C39B96E12ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-500:-:*:*:*:*:*:*:*", matchCriteriaId: "17B65497-2EAC-4B9E-9D05-58A0B6D1F399", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "35726753-BAA4-479F-AF9C-F4D012881F83", versionEndExcluding: "15.6\\(3\\)m7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "7A3FBAE1-F786-4799-AF70-6E7B5DC19BB9", versionEndIncluding: "15.7\\(3\\)m5", versionStartIncluding: "15.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "72240B45-0D8E-4EA6-8208-068BF6EF8B30", versionEndExcluding: "15.8\\(3\\)m3", versionStartIncluding: "15.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "B7F56D01-F647-452D-A564-4198A893BC70", versionEndExcluding: "15.9\\(3\\)m", versionStartIncluding: "15.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6835F8AD-B55D-4B57-B3B5-0095E309B2B3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*", matchCriteriaId: "1AB6ACAE-8C89-48F6-95BA-DE32F4F81FE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:industrial_security_appliances_3000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83AA5C75-B959-4167-906C-BE9C84C7E676", versionEndExcluding: "1.0.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:industrial_security_appliances_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "6FBBA8E7-14B2-4869-8ED4-72F120E547FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_4200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CB084F19-E475-41FA-A72F-23D4D6913523", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_4300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C49E8AE0-745B-459C-AAD9-D41690D48DDE", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_4400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC5D8FF8-60F8-4F89-A488-F815D0FB00E1", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:44461_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "697BEF89-6D9B-4870-BE85-9090152F3E6E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "13C3D17D-DD95-49CA-918A-A0F5289B0C3D", versionEndExcluding: "15.6\\(3\\)m6b", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "DA254534-247F-47BA-B146-0E3B7E9F9269", versionEndIncluding: "15.7\\(3\\)m4b", versionStartIncluding: "15.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "E0F05F3A-A38F-4922-AE54-BE1BC64C4B7C", versionEndExcluding: "15.8\\(3\\)m2a", versionStartIncluding: "15.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:809_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "3C996F3B-0333-4B9A-B3E7-F50E64B0AAB3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:829_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05CC9-8D04-4DE0-A854-375192B4D46C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asr_1000_series_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64C3BBBB-4349-4D2B-9944-84BE03407650", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*", matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000_series:-:*:*:*:*:*:*:*", matchCriteriaId: "76B7C13F-46C5-460A-A6C9-3837A28A0CE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*", matchCriteriaId: "77D24BB4-6357-4BFC-A4CB-B33ECDEB3BEE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1F849A-05BA-4CA2-96AA-F8DFD5E725A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*", matchCriteriaId: "AB060D83-2924-4D1D-9FEE-F8087FA8976D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*", matchCriteriaId: "8CF4D0E5-FF09-4919-B603-B42DB535386C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*", matchCriteriaId: "22C36989-4353-4B81-8B0F-FC6322C1C179", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asr_1001_firmware:16.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A267A86B-144D-46C3-9F63-95606106A5B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*", matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*", matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "C807F789-3038-42C3-B5EB-6CD628EBF718", versionEndExcluding: "16.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:a900-rsp2a-128:-:*:*:*:*:*:*:*", matchCriteriaId: "DED2353D-A508-4764-975F-57F9DACD91FA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a900-rsp2a-64:-:*:*:*:*:*:*:*", matchCriteriaId: "9EBA765C-B6F0-4D4D-8933-06E655084AF4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a900-rsp3c-200:-:*:*:*:*:*:*:*", matchCriteriaId: "CC6F34E1-7DE4-459B-AF41-D973201ADC49", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a900-rsp3c-400\\/w:-:*:*:*:*:*:*:*", matchCriteriaId: "D8DAC3AF-FEFC-4B14-A7BE-7008E65FD012", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*", matchCriteriaId: "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*", matchCriteriaId: "11B83BED-5A49-4CF0-9827-AA291D01F60E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*", matchCriteriaId: "2C1E8937-51D9-43E6-876E-5D39AD3D32C4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*", matchCriteriaId: "2CA7AE63-99B9-4F28-8670-639A9B31E494", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*", matchCriteriaId: "E858B4AB-49B1-4F1C-8722-6E6911194924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*", matchCriteriaId: "577D1BF2-5180-4301-941C-3C0ADDD23AA6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*", matchCriteriaId: "9FE70CCD-6062-45D8-8566-7C9E237E030F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*", matchCriteriaId: "5EA3A897-ED4E-417F-BA6C-C1A825A210F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*", matchCriteriaId: "375F9E12-A61B-4FD3-AE07-D4E686EB112A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*", matchCriteriaId: "D724F932-4548-429D-8CAA-E82C3435A194", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*", matchCriteriaId: "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24p:-:*:*:*:*:*:*:*", matchCriteriaId: "16088337-C057-4271-B5C7-74FE1573B0F0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24t:-:*:*:*:*:*:*:*", matchCriteriaId: "A69B8AFD-17F5-4809-BDB9-3337BA52BC58", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24u:-:*:*:*:*:*:*:*", matchCriteriaId: "6A628A7B-FE58-4881-B705-C3BCBED6F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24ux:-:*:*:*:*:*:*:*", matchCriteriaId: "0A9C769E-ED9C-4F06-928D-CC7FFBA54EC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48p:-:*:*:*:*:*:*:*", matchCriteriaId: "C5B19A31-99E3-4141-9FE8-7A5FD16FAE5C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48t:-:*:*:*:*:*:*:*", matchCriteriaId: "DB1DFCD7-F14A-4530-8E36-55FE0EE1E7C7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48u:-:*:*:*:*:*:*:*", matchCriteriaId: "84C89BB9-D62D-4E36-8BFD-D583F383120D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48un:-:*:*:*:*:*:*:*", matchCriteriaId: "88262B7E-8C2F-49FE-9F58-8A1C78285A93", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48uxm:-:*:*:*:*:*:*:*", matchCriteriaId: "C6109DBC-5489-4FF9-B940-E174126488AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*", matchCriteriaId: "5EA59279-3504-417D-9E86-E5886EE198BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:cbr-ccap-lc-40g-r:-:*:*:*:*:*:*:*", matchCriteriaId: "C44B33A5-DB73-4A3B-AA5B-97B8493AD28B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:cbr-lc-8d31-16u31:-:*:*:*:*:*:*:*", matchCriteriaId: "CAB82552-DD9D-45C9-8296-B4C8D510FFA1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:a99-16x100ge-x-se:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EA89F6-14B5-4EC7-BAEB-E783FF1982AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-32x100ge-cm:-:*:*:*:*:*:*:*", matchCriteriaId: "E5BF29D2-7C65-4724-B6AE-249BB22725CE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-32x100ge-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "D55DC09B-CF82-4461-8886-BE90451BFF9E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-rp3-se:-:*:*:*:*:*:*:*", matchCriteriaId: "F393681D-7EC1-46D5-BAFB-786528E259B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-rp3-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "ABE8CE5B-09CF-4138-9495-7223FFA64443", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-16x100ge-cm:-:*:*:*:*:*:*:*", matchCriteriaId: "15AEC57E-7851-4C8D-AB02-A932C3929F26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-16x100ge-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "B14DB778-9B07-4AFF-8BF3-4631B23501BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-rsp5-se:-:*:*:*:*:*:*:*", matchCriteriaId: "326F9936-57E7-4E8F-9C51-093788454A3A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-rsp5-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "884F1D0A-8A6F-45E4-9AC7-A8603AB8AE4E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:network_convergence_system_1002:-:*:*:*:*:*:*:*", matchCriteriaId: "7D54F012-3136-4CA8-B119-FD7446EC96C6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "0514874D-C8F0-496E-9B04-FA699B339EEE", versionEndExcluding: "15.5\\(1\\)sy4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:c6800-16p10g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F508C81E-D31B-44BA-82C8-FEDA00324B8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-32p10g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "05A9E0CA-BB70-4F74-BAD6-BE80669D1699", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-8p10g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "4CAE1989-0E75-414E-BCB3-E0057F1492E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-8p40g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A1BA05-615E-4304-992D-6EEA176D852F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-sup6t-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "D883A807-6909-4087-892B-1E505521EA7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6816-x-le:-:*:*:*:*:*:*:*", matchCriteriaId: "DE2D76C8-552A-44C2-9C30-0CF31F6BC719", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6824-x-le-40g:-:*:*:*:*:*:*:*", matchCriteriaId: "649A1287-A03D-48B8-ADFA-26F175366C91", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6832-x-le:-:*:*:*:*:*:*:*", matchCriteriaId: "8776111D-894D-4EEB-8ADD-A9AC26AE30D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6840-x-le-40g:-:*:*:*:*:*:*:*", matchCriteriaId: "975D2EC3-3499-48FD-87F2-4BAD1CDB0E4C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "27ACCA11-D39B-468E-9C3C-BBF110ED3581", versionEndExcluding: "16.9.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB36C23-9303-4E3D-8C4A-B2E2150CF3FE", versionEndExcluding: "16.12.1", versionStartIncluding: "16.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:c9500-12q:-:*:*:*:*:*:*:*", matchCriteriaId: "0B37D793-0EE3-49CA-98B2-3E1F3D561A9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-16x:-:*:*:*:*:*:*:*", matchCriteriaId: "03F5F6FA-9499-4232-A80A-494CE287A87A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-24q:-:*:*:*:*:*:*:*", matchCriteriaId: "58918BAA-7070-4901-B1C8-344E8A4DBEE9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-24y4c:-:*:*:*:*:*:*:*", matchCriteriaId: "08B9D533-FCF5-4B35-A0D2-2EA1E4A907AE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-32c:-:*:*:*:*:*:*:*", matchCriteriaId: "C809A939-105E-471E-A150-859015641989", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-32qc:-:*:*:*:*:*:*:*", matchCriteriaId: "B2C657B7-172E-4E85-8027-4B5563F2CE14", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-40x:-:*:*:*:*:*:*:*", matchCriteriaId: "0B42926F-0841-4D40-BABE-852893C6020F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-48y4c:-:*:*:*:*:*:*:*", matchCriteriaId: "381144D6-7CDE-46E6-ADE7-76372740F283", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9800-40_wireless_controller_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "902D1451-9E2E-4BC3-8B61-D87C142F4485", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "8E283C34-43AE-49A5-A72B-32DEA185ABD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9800-80_wireless_controller_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "59CD23DF-9B9D-459F-A3BF-F2D53FBDAF71", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "ADB3AF13-5324-42CD-8EDB-6F730BF46214", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ic3000-k9_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13174CD9-8564-4041-93EC-8E8D7F4F3443", versionEndExcluding: "1.0.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ic3000-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "B443B2C3-E3C1-4ADF-BF9B-164D00318B08", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0D5DCCAC-A8CC-40B5-AA01-6D46CB9B7053", versionEndExcluding: "8.4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ds-x9334-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "ECE54217-EF6D-4191-9267-113041B14A08", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ncs2k-mr-mxp-k9_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6DE58C19-66CD-45DD-BF5C-C333A30AA096", versionEndExcluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs2k-mr-mxp-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "6EFF3999-1FF6-42C0-BE62-3FA227297264", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:7.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E90BEFD1-AAA5-4D39-A180-4B5ED3427AFC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nc55-24h12f-se:-:*:*:*:*:*:*:*", matchCriteriaId: "966F7DF8-1F20-4A74-B633-8B5AEE63C193", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-36x100g-a-se:-:*:*:*:*:*:*:*", matchCriteriaId: "46EA0E17-C399-4DA0-A550-F5469CC82F3F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-36x100g-s:-:*:*:*:*:*:*:*", matchCriteriaId: "41C4BF85-7077-463B-8E52-F67949849123", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-5504-fc:-:*:*:*:*:*:*:*", matchCriteriaId: "F9102353-A21A-41C2-AA0B-9B00F66B693E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-5516-fc:-:*:*:*:*:*:*:*", matchCriteriaId: "1536A363-E423-42DD-928B-FC6E91264371", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-6x200-dwdm-s:-:*:*:*:*:*:*:*", matchCriteriaId: "AB4F5CA4-BBD2-4DC9-8F99-9CC1B2A90BF2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-mod-a-s:-:*:*:*:*:*:*:*", matchCriteriaId: "A2442B13-F163-4219-AED9-7FA4CCD1A8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5501:-:*:*:*:*:*:*:*", matchCriteriaId: "7617BA24-6474-49CF-B78D-0056D3F8385B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5501-se:-:*:*:*:*:*:*:*", matchCriteriaId: "C3DCE7D6-0E78-4CF3-BF7A-6A4945ADD4F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5502:-:*:*:*:*:*:*:*", matchCriteriaId: "344675F6-9045-492D-9577-E0CE333AD6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5502-se:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7F2221-B5BE-408C-BA84-9776469EE2D5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a1-24h:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D61548-61B4-4B53-8574-9DB92B00A627", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a1-36h-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4FF08FAF-67DD-4361-947A-40D5938DB8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a1-36h-se:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE2AD36-5D52-4489-AAC1-A7AC1B3D2581", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-hd-s:-:*:*:*:*:*:*:*", matchCriteriaId: "A95FEA95-703B-44E0-A7CA-9E38B2EB1980", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-hx-s:-:*:*:*:*:*:*:*", matchCriteriaId: "2D37BF94-9D5F-4A88-8115-3A88FF144845", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-s:-:*:*:*:*:*:*:*", matchCriteriaId: "C33F0D81-1314-440B-9FC2-56D76CA4CD79", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-se-h-s:-:*:*:*:*:*:*:*", matchCriteriaId: "8E50806D-115D-4903-A5B2-62654FFDD9F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-se-s:-:*:*:*:*:*:*:*", matchCriteriaId: "15AE071E-0CEF-4305-A92D-9F4C324BD4ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:network_convergence_system_5001:-:*:*:*:*:*:*:*", matchCriteriaId: "3E007368-04AF-49C7-892F-ED2BB1E4EA61", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:network_convergence_system_5002:-:*:*:*:*:*:*:*", matchCriteriaId: "9DBEF775-EC98-4391-BAD2-61870A7DEE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "68A586A3-0291-4BA3-9211-6EE0BBB7F39C", versionEndExcluding: "9.3\\(2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n3k-c31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "5AEB8547-3FA8-42F5-8106-57B0F994BEC5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D2069C-23A2-4113-B674-024D36E40BDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "572F9105-9B6C-4460-8B49-14812AC3DC28", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "6C5CF4C9-3B75-4DC5-BC38-8A2B87FEAE01", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "6487A95B-0D04-4ABA-B491-8A935694AFD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E84307-41BC-4F85-BC9A-FF02178765F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "55A31452-5B60-4273-BA38-8FA684DED953", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "3C3FCA39-927B-4C89-A58B-E6859ED8176A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D7B464B3-DE25-4980-ABC3-10D7C79C12E6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "214472EB-424C-48B7-8EF3-7B679A5042BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0D5DCCAC-A8CC-40B5-AA01-6D46CB9B7053", versionEndExcluding: "8.4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ds-x9648-1536k9:-:*:*:*:*:*:*:*", matchCriteriaId: "57E3CF0C-5AD0-4A30-9335-4945CBC04A60", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "6C5CF4C9-3B75-4DC5-BC38-8A2B87FEAE01", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-sup3e:-:*:*:*:*:*:*:*", matchCriteriaId: "F33AB95C-62FC-48EC-84AB-5EFA5C061F3B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sm-x-1t3\\/e3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "98B12A01-8EF8-4DDE-9A40-51A9BC7D42AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:sm-x-1t3\\/e3:-:*:*:*:*:*:*:*", matchCriteriaId: "696AFE49-10E1-4C56-93D3-F4118B3E01AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:encs_5100_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AD6741CC-EEA4-4DC8-A21B-DB84B861316B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*", matchCriteriaId: "678F3A32-372A-441E-8115-95181FBAF628", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:encs_5400_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EF426F3E-4474-43C7-84F5-EF61957E5004", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*", matchCriteriaId: "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.", }, { lang: "es", value: "Una vulnerabilidad en la lógica que maneja el control de acceso de uno de los componentes de hardware en la implementación Secure Boot de propiedad de Cisco, podría permitir que un atacante local autenticado escriba una imagen de firmware modificada en el componente. Esta vulnerabilidad afecta a varios productos de Cisco que admiten la funcionalidad de Secure Boot basada en hardware. La vulnerabilidad se genera por una comprobación incorrecta en el área de código que administra las actualizaciones en las instalaciones de Field Programmable Gate Array (FPGA) parte de la implementación del hardware Secure Boot. Un atacante con privilegios elevados y acceso al sistema operativo subyacente que se ejecuta en el dispositivo afectado podría explotar esta vulnerabilidad al escribir una imagen de firmware modificada en el FPGA. Una explotación exitosa podría hacer que el dispositivo se vuelva inutilizable (y requiera un reemplazo de hardware) o permitir la manipulación del proceso de comprobación de Secure Boot, que en algunas circunstancias puede permitir al atacante instalar y arrancar una imagen de software malicioso. Un atacante deberá cumplir todas las condiciones siguientes para intentar explotar esta vulnerabilidad: Tener acceso administrativo privilegiado al dispositivo. Poder acceder al sistema operativo subyacente que se ejecuta en el dispositivo; Esto se puede lograr mediante el uso de un mecanismo documentado de soporte o mediante la explotación de otra vulnerabilidad que proporcionaría a un atacante con dicho acceso. Desarrollar o tener acceso a un exploit específico de la plataforma. Un atacante que busque explotar esta vulnerabilidad en múltiples plataformas afectadas necesitará investigar cada una de esas plataformas y después desarrollar una vulnerabilidad específica de la plataforma. Si bien el proceso de investigación se podría realizar en diferentes plataformas, es poco probable que una vulnerabilidad desarrollada para una plataforma de hardware determinada opere en una plataforma de hardware diferente.", }, ], id: "CVE-2019-1649", lastModified: "2024-11-21T04:37:00.627", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-13T19:29:01.520", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108350", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108350", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-667", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108394 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108394 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AF1D583A-2AB3-4E66-9DE9-24AD9CE0C850", versionEndExcluding: "2.4.1.101", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "86770ECC-BC1D-42BC-A65B-FCE598491BEE", versionEndExcluding: "8.1\\(1b\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "02E6779A-5759-4A83-B884-1B47FC124A22", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1779", lastModified: "2024-11-21T04:37:21.570", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.320", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108394", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108394", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BC0041E4-EBDC-465A-B593-E7C353EF0D8F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios . Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1782", lastModified: "2024-11-21T04:37:22.043", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.463", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*", matchCriteriaId: "CDB194AF-51E8-4379-B416-34049BF03754", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000_virtual_edge:-:*:*:*:*:*:*:*", matchCriteriaId: "BF29010C-8712-4464-A233-14CF024AA6DB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "00B4CC8B-AA85-43E5-962A-0F0E003D95FF", versionEndExcluding: "4.0\\(4i\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de administración local (local-mgmt) de Cisco UCS Manager Software, podría permitir a un atacante local autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un manejo inapropiado de los parámetros de comando de la CLI. Un atacante podría explotar esta vulnerabilidad mediante la ejecución de comandos específicos en la CLI local-mgmt en un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que los procesos internos del sistema presenten un fallo para finalizar apropiadamente, lo que podría resultar en una acumulación de procesos atascados y conllevar a una lentitud en el acceso a la CLI de UCS Manager y la Interfaz de Usuario web. Un ataque sostenido puede resultar en un reinicio de los procesos internos de UCS Manager y una pérdida temporal de acceso a la CLI de UCS Manager y la Interfaz de Usuario web", }, ], id: "CVE-2020-3504", lastModified: "2024-11-21T05:31:12.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.487", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-664", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-21 19:15
Modified
2024-11-21 06:43
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "05FF8791-FAEC-4E4C-8CF2-8AF41E461E82", versionEndIncluding: "9.16.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "86E0342A-7459-4A0E-B046-AB2F1F04D5FA", versionEndIncluding: "9.17.1.9", versionStartIncluding: "9.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*", matchCriteriaId: "08F0F160-DAD2-48D4-B7B2-4818B2526F35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*", matchCriteriaId: "977D597B-F6DE-4438-AB02-06BE64D71EBE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*", matchCriteriaId: "EB71EB29-0115-4307-A9F7-262394FD9FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*", matchCriteriaId: "57179F60-E330-4FF0-9664-B1E4637FF210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*", matchCriteriaId: "5535C936-391B-4619-AA03-B35265FC15D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*", matchCriteriaId: "16AE20C2-C77E-4E04-BF13-A48696E52426", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_for_nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "A198A68E-78A8-477F-B6D4-79AAB2C7BE22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "E8D80E3B-DD36-45E8-9F7F-38111B7FF5E2", versionEndIncluding: "7.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "23670904-7E82-4434-A011-2462A56AB56E", versionEndIncluding: "7.1.0.1", versionStartIncluding: "7.1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.", }, { lang: "es", value: "Una vulnerabilidad en la implementación del protocolo Datagram TLS (DTLS) en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podría permitir a un atacante remoto no autenticado causar un alto uso de la CPU, resultando en una condición de denegación de servicio (DoS). Esta vulnerabilidad es debido al procesamiento subóptimo que es producido cuando es establecido un túnel DTLS como parte de una conexión VPN SSL AnyConnect. Un atacante podría aprovechar esta vulnerabilidad mediante el envío de un flujo constante de tráfico DTLS diseñado a un dispositivo afectado. Una explotación con éxito podría permitir al atacante agotar los recursos del dispositivo de encabezado VPN afectado. Esto podría causar que los túneles DTLS existentes dejaran de pasar tráfico e impedir que se establecieran nuevos túneles DTLS, resultando en una condición de DoS. Nota: Cuando el tráfico de ataque es detenido, el dispositivo es recuperado con elegancia", }, ], id: "CVE-2022-20795", lastModified: "2024-11-21T06:43:34.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-21T19:15:08.740", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "4627DAB3-AEC2-4E64-A787-B2A59388422C", versionEndExcluding: "6.4.0.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "758D00BF-FE5B-4B90-8337-63E7832ABBF7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4115_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E47E6035-3C82-4540-A582-0F6A3205AC8D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4125_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7F8C83C-935A-46A6-882F-0622E92568AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4145_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "265955A5-3285-4697-8E37-4D8F75C05E41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4110_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B6417E0C-87B6-4C3B-B8A5-FC1C232E188E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4120_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C24A01DF-056B-456B-ACC7-D5C2940996B3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4140_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24679CC8-00D9-4DD7-A47B-F8DEB7E2A735", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4150_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "769776E9-4463-4F32-88FE-FA69C96D2070", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.", }, { lang: "es", value: "Múltiples vulnerabilidades en la funcionalidad de múltiples instancias del Software Cisco Firepower Threat Defense (FTD), podrían permitir a un atacante local autenticado escapar del contenedor para su instancia FTD y ejecutar comandos con privilegios de root en el espacio de nombres del host. Estas vulnerabilidades son debido a protecciones insuficientes en el sistema de archivos subyacente. Un atacante podría explotar estas vulnerabilidades mediante la modificación de archivos críticos en el sistema de archivos subyacente. Una explotación con éxito podría permitir al atacante ejecutar comandos con privilegios de root dentro del espacio de nombres del host. Esto podría permitir al atacante afectar otras instancias de FTD en ejecución.", }, ], id: "CVE-2019-12675", lastModified: "2024-11-21T04:23:20.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.5, impactScore: 6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-02T19:15:12.203", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-216", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-116", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-16 02:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108358 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108358 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "FDA0B4D7-BFD0-474C-AAB9-7A9244CC0E08", versionEndExcluding: "8.1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "458C07FB-06EE-4081-8B4C-D16962FF9035", versionEndExcluding: "7.0\\(3\\)i4\\(8\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "12F279A5-D64B-49E7-81CC-F2462EEF9628", versionEndExcluding: "7.0\\(3\\)i7\\(2\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5E88418C-0BC4-4D90-A14D-0B89F8399AA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "19F88FB2-1A75-4166-A4F5-039D67EAA1D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "A01B0559-5632-4658-AA3A-221DD28D963F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "426B8E00-3C78-4C2B-9C0F-257875EE0335", versionEndExcluding: "7.0\\(3\\)f3\\(1\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "2163BE9A-89E8-4585-9AD5-A1C764533F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "569B5384-B93C-4FEF-88E7-3155ACE94F4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "3E7646FC-74C9-4188-9FDB-2C91D8D559D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "934E7941-C773-4032-944B-4AC57FB11D23", versionEndExcluding: "7.1\\(5\\)n1\\(1b\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0F06C25C-4E7C-4485-9774-84FE72396BE2", versionEndExcluding: "7.3\\(4\\)n1\\(1a\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "074FE258-CE05-48CB-896C-AEACDF645093", versionEndExcluding: "7.2\\(0\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B16DD0F7-0DF2-4423-B0AA-04C3BBDEA757", versionEndExcluding: "8.1\\(1\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "489A59F2-D44D-44ED-844C-E0EF83A23C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "79689D81-D8F0-4FB1-9B8F-62407474A042", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "83003054-E458-4405-BA7F-A5EA415D296A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "998DF854-FA86-4C76-8B50-44E90FBF6B48", versionEndExcluding: "2.6.1.131", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "3EA604D8-76C0-40B9-8675-02BEEA18E432", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "9904E827-0F28-4776-A3B5-7E4F3FB524C8", versionEndExcluding: "14.0\\(2c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A497D055-0061-425D-A209-C8919C708B4E", versionEndExcluding: "14.1\\(1i\\)", versionStartIncluding: "14.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5E88418C-0BC4-4D90-A14D-0B89F8399AA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "19F88FB2-1A75-4166-A4F5-039D67EAA1D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "A01B0559-5632-4658-AA3A-221DD28D963F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D627F011-5AEC-4BA5-9B61-D50DD3CC4DE6", versionEndExcluding: "6.0\\(2\\)a8\\(4\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "12F279A5-D64B-49E7-81CC-F2462EEF9628", versionEndExcluding: "7.0\\(3\\)i7\\(2\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "59B48D7E-BD70-4971-B508-1DAD4841C5CE", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.", }, { lang: "es", value: "Una vulnerabilidad en el procesador de paquetes de entrada del Protocolo de administración de red simple (SNMP) de los programas FXOS y NX-OS de Cisco podría permitir que un atacante remoto no autenticado provoque que la aplicación SNMP pierda memoria en el sistema, lo que podría hacer que un dispositivo afectado se reinicie inesperadamente . La vulnerabilidad se debe a un manejo incorrecto de errores al procesar paquetes SNMP entrantes. Un atacante podría aprovechar esta vulnerabilidad enviando múltiples paquetes SNMP diseñados a un dispositivo afectado. Un aprovechamiento exitoso podría permitir que el atacante haga que la aplicación SNMP pierda memoria del sistema debido a una condición de error manejada incorrectamente durante el procesamiento del paquete. Con el tiempo, esta pérdida de memoria podría hacer que la aplicación SNMP se reinicie varias veces, lo que lleva a un reinicio a nivel del sistema y una condición de denegación de servicio (DoS).", }, ], id: "CVE-2019-1858", lastModified: "2024-11-21T04:37:32.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-16T02:29:00.670", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108358", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108358", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108479 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108479 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "8F9D7D11-A8C6-4AAD-97DA-C5E5F9681F09", versionEndExcluding: "8.2\\(3\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "458C07FB-06EE-4081-8B4C-D16962FF9035", versionEndExcluding: "7.0\\(3\\)i4\\(8\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4692FD8-8B7E-4418-A6E2-51A34117FFCD", versionEndExcluding: "7.3\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5E88418C-0BC4-4D90-A14D-0B89F8399AA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "19F88FB2-1A75-4166-A4F5-039D67EAA1D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "A01B0559-5632-4658-AA3A-221DD28D963F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F809C85E-BC8C-4650-B7C9-7A15315AE2BD", versionEndExcluding: "7.0\\(3\\)i4\\(8\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4692FD8-8B7E-4418-A6E2-51A34117FFCD", versionEndExcluding: "7.3\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "2163BE9A-89E8-4585-9AD5-A1C764533F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "569B5384-B93C-4FEF-88E7-3155ACE94F4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "3E7646FC-74C9-4188-9FDB-2C91D8D559D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "489A59F2-D44D-44ED-844C-E0EF83A23C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "79689D81-D8F0-4FB1-9B8F-62407474A042", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "83003054-E458-4405-BA7F-A5EA415D296A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "19B38FA2-5F5C-45D3-9F03-1020AD03C0C7", versionEndExcluding: "3.2\\(3a\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4E21FF51-A716-40AE-A9F3-BBAC2CF3A87D", versionEndExcluding: "4.0\\(1a\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "4356AAFD-C447-485B-8F9C-281A076C4BE4", versionEndExcluding: "2.0.1.201", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "4C3732BD-8732-4EE4-B915-92A040A6795B", versionEndExcluding: "2.2.2.54", versionStartIncluding: "2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "8D256B7B-1043-4D2B-9E2F-AA25637B29D6", versionEndExcluding: "2.3.1.73", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "FF89AAA7-02D6-486A-9AF6-8977E756115D", versionEndExcluding: "2.4.1.101", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_modules:-:*:*:*:*:*:*:*", matchCriteriaId: "5036DB7B-137C-413E-B328-8E7E5A84D5D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DDF06979-4813-49A4-920D-D3B280B2456C", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0E9D6862-7F78-47D2-B273-8EE4EAE216F5", versionEndExcluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1795", lastModified: "2024-11-21T04:37:23.847", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T21:29:03.367", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108479", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "6793CE39-88B6-42DF-A586-43BC656F00DD", versionEndIncluding: "2.3.1.173", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B5CD86FB-4B86-470E-A1F8-3F3EBC66F0F3", versionEndExcluding: "2.6.1.187", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A19CF844-DCAA-46DD-95FC-1BC200E7DE91", versionEndExcluding: "2.7.1.106", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:2.4:*:*:*:*:*:*:*", matchCriteriaId: "35E2BDED-6263-4948-89A3-5D867D52BD48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*", matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*", matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*", matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*", matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*", matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*", matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*", matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*", matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*", matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*", matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*", matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*", matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*", matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*", matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*", matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*", matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*", matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*", matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*", matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*", matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*", matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*", matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*", matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "D5494B4B-0BB4-48AE-8B0D-04DE649F9313", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "B3A0C835-6C98-4AB6-89FF-C27117BB6B12", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "395F25CD-FDF5-48D7-A048-A6B4F4779EC9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "124CE49C-1C2B-40A5-8F59-7A223766E12F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "A83F3D33-0674-4F74-AEA9-BC824D8536F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "784A450D-8DCA-43E5-8044-A9F2363FB006", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*", matchCriteriaId: "92E88ED4-C2AF-407C-A395-3D7806D68758", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*", matchCriteriaId: "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "871D84C5-71EE-4B82-A48C-A1CC68DA332A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*", matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*", matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*", matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*", matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*", matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*", matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*", matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*", matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*", matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*", matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "55812D67-23B2-4EE1-8DEF-B1386551D825", versionEndExcluding: "6.2\\(29\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2516465F-34B9-4E24-B65B-3952DAEF25FD", versionEndExcluding: "8.4\\(1a\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "33FD38EF-3B47-4739-BF0B-FC50D8520DBC", versionEndExcluding: "5.2\\(1\\)sv5\\(1.3\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4832A094-92DB-402F-AF05-34B3A7C7CA0E", versionEndIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2FE8F16B-D59C-43C7-BECA-3D62B609AB94", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1b\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1D562562-099B-47D6-8A27-592960AEDB5C", versionEndExcluding: "9.3\\(2\\)", versionStartIncluding: "7.0\\(3\\)f2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2", versionEndExcluding: "7.0\\(3\\)i7\\(8\\)", versionStartIncluding: "7.0\\(3\\)i", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "80E4C5F7-050A-40D8-B087-5F7597B97EEA", versionEndExcluding: "7.3\\(6\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B7D74A33-E46C-4A26-AEFF-A9064415F89E", versionEndExcluding: "6.2\\(24\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DA088812-07C5-47BF-9CB1-66D2E4E6D27C", versionEndExcluding: "7.3\\(5\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A8934F95-3C91-4499-ACA3-8C22DA785ED5", versionEndExcluding: "8.2\\(5\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "66360174-9C40-4147-A94C-8007021C55A5", versionEndExcluding: "8.4\\(2\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "97BA8B03-822E-4544-89A0-23608D635DA7", versionEndExcluding: "13.2\\(9b\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE", versionEndExcluding: "14.2\\(1j\\)", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8BA5E06-2264-4292-93E5-D32A2D81600E", versionEndExcluding: "3.2\\(3m\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Cisco Discovery Protocol para Cisco FXOS Software, Cisco IOS XR Software y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una falta de comprobación cuando el software afectado procesa los mensajes de Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante agotar la memoria del sistema, causando que el dispositivo se recargue. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente).", }, ], id: "CVE-2020-3120", lastModified: "2024-11-21T05:30:22.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-05T18:15:11.063", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96B9E0CF-5926-4DDB-9298-BADDD33B66D0", versionEndExcluding: "3.1\\(3a\\)a", versionStartIncluding: "3.0\\(2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "63CFEFD0-F2F2-4220-903C-A11446902C4D", versionEndExcluding: "1.1.4.169", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2695D838-79D5-4C2F-8B41-0900AABAAE48", versionEndExcluding: "2.0.1.135", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz web de Cisco FXOS y Cisco UCS Fabric Interconnect Software podría permitir que un atacante remoto sin autenticar provoque un desbordamiento de búfer en un sistema afectado. Esta vulnerabilidad se debe a la incompleta validación de entradas en la interfaz web. Un atacante podría explotar esta vulnerabilidad enviando un paquete HTTP o HTTPS directamente a la interfaz de gestión física de un sistema afectado. Su explotación con éxito podría permitir que el atacante haga que el proceso se cierre inesperadamente y, posiblemente, que se reinicie el dispositivo, provocando una denegación de servicio (DoS) en el sistema afectado. esta vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, ], id: "CVE-2018-0298", lastModified: "2024-11-21T03:37:55.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.240", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-19 20:29
Modified
2024-11-21 03:37
Severity ?
Summary
Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/103934 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1040722 | Broken Link, Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 | Third Party Advisory, US Government Resource | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103934 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040722 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "64116F5B-671C-46DB-A78D-AB14AAF946FD", versionEndIncluding: "6.1.0.7", versionStartIncluding: "6.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "BC8A9EB8-D0BF-453B-BB21-5EE5D8E29728", versionEndExcluding: "6.2.0.5", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "F78E5B29-1033-4151-A1C2-063D590C0B34", versionEndExcluding: "6.2.2.2", versionStartIncluding: "6.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "1FA3D6C9-26CC-4E6C-A71A-C50119CC434B", versionEndExcluding: "9.6.4.6", versionStartIncluding: "9.6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "EC4174F9-9031-437E-82DE-F58F35594ED0", versionEndExcluding: "9.7.1.24", versionStartIncluding: "9.7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0EB447-BAF2-4ED2-BE4A-02F7FE9E35EE", versionEndExcluding: "9.8.2.24", versionStartIncluding: "9.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "B68B0C20-2628-4355-A48F-619E755305DD", versionEndExcluding: "9.9.1.4", versionStartIncluding: "9.9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:adaptive_security_virtual_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "E785C602-BE11-4FFC-A2A7-EC520E220C0F", vulnerable: false, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense_virtual:-:*:*:*:*:*:*:*", matchCriteriaId: "A38E373E-438F-44F6-AABF-2C57142507EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7604:-:*:*:*:*:*:*:*", matchCriteriaId: "65973B50-2AA1-4B83-925A-8DB2D4720ADB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7606-s:-:*:*:*:*:*:*:*", matchCriteriaId: "25DD80A8-F664-4C30-A89F-C2299CCACB7E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7609-s:-:*:*:*:*:*:*:*", matchCriteriaId: "385DBA44-E84B-4752-8E8E-170EF13784D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7613-s:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E30F72-0218-496D-BFAD-CED0AAC5E58E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5505:-:*:*:*:*:*:*:*", matchCriteriaId: "42EACCF8-8E5F-4227-9B09-9F3B40462B29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5506-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4916B846-AEAD-4C06-9705-048627F27236", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5506h-x:-:*:*:*:*:*:*:*", matchCriteriaId: "931B9C8E-6AD7-4E05-8E48-27D3931DC8BB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5512-x:-:*:*:*:*:*:*:*", matchCriteriaId: "B202C089-E348-42E0-8818-BB3874B28AFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5515-x:-:*:*:*:*:*:*:*", matchCriteriaId: "F449766B-F279-41B3-B0D6-049EF05B8DCE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5520:-:*:*:*:*:*:*:*", matchCriteriaId: "7293B424-1022-4013-8A5F-5A023D3DB181", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5540:-:*:*:*:*:*:*:*", matchCriteriaId: "A5FF447F-AE88-4B08-BDE8-26B642BEA80C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5545-x:-:*:*:*:*:*:*:*", matchCriteriaId: "0EF47542-3C2E-4BDB-823F-9A901312C634", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5555-x:-:*:*:*:*:*:*:*", matchCriteriaId: "A567EFB6-9A19-4BC0-8EE2-6E2219D09961", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa-5585-x:-:*:*:*:*:*:*:*", matchCriteriaId: "70928713-E277-4707-9A8A-3438D1760ECE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*", matchCriteriaId: "763B801D-CA1E-4C56-8B06-3373EA307C7E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*", matchCriteriaId: "92AE506A-E710-465B-B795-470FDE0E0ECA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*", matchCriteriaId: "B091B9BA-D4CA-435B-8D66-602B45F0E0BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*", matchCriteriaId: "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*", matchCriteriaId: "EB71EB29-0115-4307-A9F7-262394FD9FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*", matchCriteriaId: "E6287D95-F564-44B7-A0F9-91396D7C2C4E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*", matchCriteriaId: "5535C936-391B-4619-AA03-B35265FC15D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6500-e:-:*:*:*:*:*:*:*", matchCriteriaId: "15B48565-92C7-4AE1-AE3A-6FF7DD010745", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*", matchCriteriaId: "F202892E-2E58-4D77-B983-38AFA51CDBC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*", matchCriteriaId: "0BE25114-ABBC-47A0-9C20-E8D40D721313", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*", matchCriteriaId: "FADD5F49-2817-40EC-861C-C922825708BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*", matchCriteriaId: "E628F9C4-98C6-4A95-AF81-F1E6A56E8648", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*", matchCriteriaId: "4AFF899C-1EB3-46D8-9003-EA36A68C90B3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*", matchCriteriaId: "E6463491-F63E-44CB-A1D4-C029BE7D3D3D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*", matchCriteriaId: "D8668D34-096B-4FC3-B9B1-0ECFD6265778", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:isa-3000-2c2f:-:*:*:*:*:*:*:*", matchCriteriaId: "646795EF-D545-44FE-ADD9-E950783CF976", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:isa-3000-4c:-:*:*:*:*:*:*:*", matchCriteriaId: "A81184F2-631A-46FA-AB96-2B2D20FBEC8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.", }, { lang: "es", value: "Múltiples vulnerabilidades en la característica Application Layer Protocol de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podrían permitir que un atacante remoto no autenticado desencadene una recarga del dispositivo afectado, lo que resulta en una denegación de servicio (DoS). Las vulnerabilidades se deben a errores de lógica durante la inspección de tráfico. Un atacante podría explotar estas vulnerabilidades enviando un gran volumen de tráfico malicioso a través de un dispositivo afectado. Su explotación podría permitir que el atacante provoque una condición de deadlock, lo que resulta en la recarga del dispositivo afectado. Estas vulnerabilidades afectan a las versiones de Cisco ASA Software y Cisco FTD Software configuradas para la inspección de Application Layer Protocol en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module y FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.", }, ], id: "CVE-2018-0240", lastModified: "2024-11-21T03:37:47.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-19T20:29:00.817", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103934", }, { source: "psirt@cisco.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040722", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "4627DAB3-AEC2-4E64-A787-B2A59388422C", versionEndExcluding: "6.4.0.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "758D00BF-FE5B-4B90-8337-63E7832ABBF7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4115_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E47E6035-3C82-4540-A582-0F6A3205AC8D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4125_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7F8C83C-935A-46A6-882F-0622E92568AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4145_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "265955A5-3285-4697-8E37-4D8F75C05E41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4110_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B6417E0C-87B6-4C3B-B8A5-FC1C232E188E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4120_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C24A01DF-056B-456B-ACC7-D5C2940996B3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4140_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24679CC8-00D9-4DD7-A47B-F8DEB7E2A735", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4150_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "769776E9-4463-4F32-88FE-FA69C96D2070", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.", }, { lang: "es", value: "Múltiples vulnerabilidades en la funcionalidad de múltiples instancias del Software Cisco Firepower Threat Defense (FTD), podrían permitir a un atacante local autenticado escapar del contenedor para su instancia FTD y ejecutar comandos con privilegios de root en el espacio de nombres del host. Estas vulnerabilidades son debido a protecciones insuficientes en el sistema de archivos subyacente. Un atacante podría explotar estas vulnerabilidades mediante la modificación de archivos críticos en el sistema de archivos subyacente. Una explotación con éxito podría permitir al atacante ejecutar comandos con privilegios de root dentro del espacio de nombres del host. Esto podría permitir al atacante afectar otras instancias de FTD en ejecución.", }, ], id: "CVE-2019-12674", lastModified: "2024-11-21T04:23:19.917", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.5, impactScore: 6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-02T19:15:12.123", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-216", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-116", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2024-11-21 07:40
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "834E1736-9E8D-476A-ADA9-EB81BEB8DC6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*", matchCriteriaId: "0C36A364-DBC0-44DA-9DB0-6CC8E9D074BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9CF884E9-68AA-44F7-A551-F7D7DF2378DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "085034AF-4825-4E06-BCBD-6F0D80959A26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2BD99394-5B1B-49FB-9085-3D92E4DBF1A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0AE37430-9711-443E-BF69-CAAEDD2A0E45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9E325ADE-5098-4C1B-82FB-CB04DDB68A2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "192B4BF0-A6E4-4241-8E30-48CAE65203F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "63D87F40-279D-46BD-9A1E-B980E9DDD24D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "148B3732-6F6C-4865-8FCC-A215883BEEC9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "027A27D8-DD06-420A-BCDC-553641F5CC83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "FC22C69D-7B86-4ED8-87AA-D259D026CA6B", versionEndExcluding: "2.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.", }, ], id: "CVE-2023-20016", lastModified: "2024-11-21T07:40:20.983", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-23T20:15:13.407", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-321", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F28E6085-8E83-4A6F-9C6A-6B8D5F0BE334", versionEndExcluding: "2.4.1.266", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B6DCD71B-89A0-4D38-89F8-DB358145FDA0", versionEndExcluding: "2.6.1.204", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C2E8A64D-C8E2-4030-8616-D47741E43E3A", versionEndExcluding: "2.7.1.131", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5C931A1B-3465-4CD6-A62A-BFA0180A917E", versionEndExcluding: "2.8.1.125", versionStartIncluding: "2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "44064024-9A8B-4443-9AF7-B28CD3C643F0", versionEndExcluding: "9.8.4.29", versionStartIncluding: "9.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "86B181C5-34C2-4BD5-B012-841B978A26C4", versionEndExcluding: "9.9.2.80", versionStartIncluding: "9.9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8CCF1EAA-45F3-4155-B8DA-F34213C911F7", versionEndExcluding: "9.10.1.40", versionStartIncluding: "9.10", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "922DEE7A-F3E4-4DE1-AAB0-71F92C208EA0", versionEndExcluding: "9.12.4.3", versionStartIncluding: "9.12", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "F21E8FD7-6BBB-4D7B-B21A-D5D57630800A", versionEndExcluding: "9.13.1.13", versionStartIncluding: "9.13", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "E6F79864-CA70-4192-AC2C-E174DF3F25B2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*", matchCriteriaId: "D23A26EF-5B43-437C-A962-4FC69D8A0FF4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "DAE7D15F-6771-421C-94A9-89280283DEF8", versionEndExcluding: "6.3.0.6", versionStartIncluding: "6.2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "706422EE-ACF8-46AA-A946-27BA302BD180", versionEndExcluding: "6.4.0.9", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "38DCBF6C-AA34-4A5B-B2B1-57684DD5BB42", versionEndExcluding: "6.5.0.5", versionStartIncluding: "6.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "E6F79864-CA70-4192-AC2C-E174DF3F25B2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*", matchCriteriaId: "D23A26EF-5B43-437C-A962-4FC69D8A0FF4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco FXOS Software, podría permitir a un atacante local autenticado inyectar comandos arbitrarios que son ejecutados con privilegios root. La vulnerabilidad es debido a una comprobación insuficiente de la entrada de los comandos suministrados por el usuario. Un atacante podría explotar esta vulnerabilidad mediante la autenticación en un dispositivo y enviar una entrada diseñada hacia el comando afectado. Una explotación con éxito podría permitir a un atacante ejecutar comandos en el sistema operativo subyacente con privilegios root", }, ], id: "CVE-2020-3457", lastModified: "2024-11-21T05:31:06.517", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-21T19:15:16.357", references: [ { source: "psirt@cisco.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3B77DE7C-8F8A-4474-BA11-401B6A07C18E", versionEndExcluding: "7.1\\(5\\)n1\\(1\\)", versionStartIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4F5FF890-017A-4F2B-9253-8149FA484066", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0:*:*:*:*:*:*:*", matchCriteriaId: "991285C8-2BD5-4C84-8DA0-4C500B519267", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*", matchCriteriaId: "02DD5791-E4D3-475C-84B0-E642ACFC5EB6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", matchCriteriaId: "5EE85C54-276F-462E-808A-23D3E54D31BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "627E5170-669E-41CB-BEA7-9DA6C6C4FF44", versionEndExcluding: "6.2\\(20\\)", versionStartIncluding: "6.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "20B60929-1E25-49F2-9C11-7A613E6CE1E7", versionEndExcluding: "7.2\\(2\\)d1\\(3\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "9223B362-B27F-49FF-AFB2-8F39C43C4510", versionEndExcluding: "7.3\\(2\\)d1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C06BC203-6A1D-4427-B368-46CDE4110F2E", versionEndExcluding: "8.1\\(2\\)", versionStartIncluding: "8.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "18F3A094-63D1-45B8-B0D2-D84BAD19BB8A", versionEndExcluding: "8.2\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*", matchCriteriaId: "2B36B056-C068-4413-B648-1D1D6026B823", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "93C9AFED-1347-4B0E-B031-AF5EA891B9BD", versionEndExcluding: "7.0\\(3\\)i3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "15C899EF-A64F-4FD8-851C-1D4E2929BAF4", versionEndExcluding: "7.0\\(3\\)i7\\(1\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5219768E-0988-4F66-8D53-23EAD5819F35", versionEndExcluding: "7.0\\(3\\)i7\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D75479AD-9847-497C-9438-AA82D91B6F71", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", versionStartIncluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DEE82469-C112-4BF3-848B-ACDA7000B235", versionEndExcluding: "8.1\\(1a\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1EB1DA63-8A73-4BBC-AD53-469B0559A112", versionEndExcluding: "2.2\\(8g\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFF9D209-A6D9-4502-A1EC-E9FE1457A547", versionEndExcluding: "3.1\\(2f\\)", versionStartIncluding: "2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2A5AB957-E691-4088-AB25-33AB9C88F73F", versionEndExcluding: "2.0.1.153", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "6B56E81C-0822-4B76-8F24-9A85A5DD84A6", versionEndExcluding: "2.2.2.14", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "86A5F522-BA5D-4CF2-B166-9D84ECF33F4E", versionEndExcluding: "2.0.1.152", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "6B56E81C-0822-4B76-8F24-9A85A5DD84A6", versionEndExcluding: "2.2.2.14", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.", }, { lang: "es", value: "Una vulnerabilidad en el subsistema Cisco Discovery Protocol (anteriormente conocido como CDP) de los dispositivos que ejecutan, o se basan en, Cisco NX-OS Software podría permitir que un atacante adyacente sin autenticar cree una condición de denegación de servicio (DoS). La vulnerabilidad se debe a un error a la hora de validar adecuadamente ciertos campos en un mensaje Cisco Discovery Protocol antes de procesarlo. Un atacante que pueda enviar un mensaje Cisco Discovery Protocol destinado a desencadenar este problema podría provocar una condición de denegación de servicio (DoS) en un dispositivo afectado mientras el dispositivo se reinicia. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000 y CSCve41007.", }, ], id: "CVE-2018-0331", lastModified: "2024-11-21T03:37:59.720", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.773", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5E2D2653-311F-4D73-8331-2F7FC8462F30", versionEndExcluding: "2.4.1.268", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "22DB1993-7E30-4E53-9572-38D226656C8F", versionEndExcluding: "2.6.1.214", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C2E8A64D-C8E2-4030-8616-D47741E43E3A", versionEndExcluding: "2.7.1.131", versionStartIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.", }, { lang: "es", value: "Una vulnerabilidad en el proceso de arranque seguro de Cisco FXOS Software, podría permitir a un atacante local autenticado omitir los mecanismos de arranque seguro. La vulnerabilidad es debido a unas protecciones insuficientes del proceso de arranque seguro. Un atacante podría explotar esta vulnerabilidad al inyectar código en un archivo específico al que luego se hace referencia durante el proceso de arranque del dispositivo. Una explotación con éxito podría permitir a un atacante romper la cadena de confianza e inyectar código en el proceso de arranque del dispositivo que podría ser ejecutado en cada arranque y mantendría la persistencia entre los reinicios", }, ], id: "CVE-2020-3455", lastModified: "2024-11-21T05:31:06.197", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-21T19:15:16.170", references: [ { source: "psirt@cisco.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-28 19:15
Modified
2024-11-21 04:37
Severity ?
7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "55812D67-23B2-4EE1-8DEF-B1386551D825", versionEndExcluding: "6.2\\(29\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E912DD93-695F-43A2-9F85-01B2C338A914", versionEndExcluding: "8.4", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "11A70947-97A8-4CC4-A656-1ABE64CA698F", versionEndExcluding: "13.2\\(7k\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "78F357E2-8074-420D-B06E-94D5076415AD", versionEndExcluding: "14.0\\(2c\\)", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A497D055-0061-425D-A209-C8919C708B4E", versionEndExcluding: "14.1\\(1i\\)", versionStartIncluding: "14.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A49B703F-71AC-4D71-B20B-B373A1F20F2D", versionEndExcluding: "9.2\\(3\\)", versionStartIncluding: "7.0\\(3\\)f", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "2163BE9A-89E8-4585-9AD5-A1C764533F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "569B5384-B93C-4FEF-88E7-3155ACE94F4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "3E7646FC-74C9-4188-9FDB-2C91D8D559D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "934E7941-C773-4032-944B-4AC57FB11D23", versionEndExcluding: "7.1\\(5\\)n1\\(1b\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DF45649B-78F2-41C0-B74C-A917858C10C3", versionEndExcluding: "7.3\\(5\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "074FE258-CE05-48CB-896C-AEACDF645093", versionEndExcluding: "7.2\\(0\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DFAE6700-E2D9-486F-9113-CEAA6B47DE1F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "489A59F2-D44D-44ED-844C-E0EF83A23C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "79689D81-D8F0-4FB1-9B8F-62407474A042", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "83003054-E458-4405-BA7F-A5EA415D296A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "3EA604D8-76C0-40B9-8675-02BEEA18E432", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "11A70947-97A8-4CC4-A656-1ABE64CA698F", versionEndExcluding: "13.2\\(7k\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "78F357E2-8074-420D-B06E-94D5076415AD", versionEndExcluding: "14.0\\(2c\\)", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5F3D4DA7-351B-4C4A-8C84-BBF0A2718974", versionEndIncluding: "14.1\\(1i\\)", versionStartIncluding: "14.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5E88418C-0BC4-4D90-A14D-0B89F8399AA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "19F88FB2-1A75-4166-A4F5-039D67EAA1D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "A01B0559-5632-4658-AA3A-221DD28D963F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "59B48D7E-BD70-4971-B508-1DAD4841C5CE", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v_switch:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "85E02290-E7D0-462F-A44A-30F22FFB2945", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0E9D6862-7F78-47D2-B273-8EE4EAE216F5", versionEndExcluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v_switch:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "C4AB692D-309B-4A86-9558-C30C54DCCB2C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D83BFFF5-37F1-4446-AD4A-1266AD6ABBD7", versionEndExcluding: "5.2\\(1\\)sv5\\(1.2\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000_virtual_edge:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "5481E367-6692-48A3-8475-5299C5EE0822", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1392CDF-115C-431A-AF9B-8414F9307163", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF64A744-B207-4EAB-B395-1E477AE7E730", versionEndExcluding: "9.2\\(3\\)", versionStartIncluding: "9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "F8397775-5A75-4710-9044-B56E1CEE20A1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "C71319A9-5B95-410A-BDDB-C47639B8E464", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E84307-41BC-4F85-BC9A-FF02178765F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "55A31452-5B60-4273-BA38-8FA684DED953", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "3C3FCA39-927B-4C89-A58B-E6859ED8176A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1392CDF-115C-431A-AF9B-8414F9307163", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF64A744-B207-4EAB-B395-1E477AE7E730", versionEndExcluding: "9.2\\(3\\)", versionStartIncluding: "9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.", }, { lang: "es", value: "Una vulnerabilidad en el procesador de paquetes de entrada del Protocolo simple de administración de redes (SNMP) del software Cisco FXOS y del software Cisco NX-OS podría permitir que un atacante remoto autenticado haga que la aplicación SNMP en un dispositivo afectado se reinicie inesperadamente. La vulnerabilidad se debe a la validación incorrecta de las variables codificadas en la sintaxis abstracta de notación uno (ASN.1) en los paquetes SNMP. Un atacante podría aprovechar esta vulnerabilidad enviando un paquete SNMP especialmente diseñado al demonio SNMP en el dispositivo afectado. Una explotación con éxito podría permitir al atacante hacer que la aplicación SNMP se reinicie varias veces, lo que provocaría un reinicio a nivel del sistema y una condición de denegación de servicio (DoS).", }, ], id: "CVE-2019-1963", lastModified: "2024-11-21T04:37:46.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.1, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-28T19:15:10.913", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-03 04:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "35AD28D3-1C08-44EF-9148-371C9E7912E5", versionEndExcluding: "6.4.0.15", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "CD7675E1-AE0A-4C69-915D-144597F1250E", versionEndExcluding: "6.6.5.2", versionStartIncluding: "6.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "536C9927-B64A-4959-BE92-9F2665AEA811", versionEndExcluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B7533780-0DF9-41BE-8455-F60676785689", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "E6F79864-CA70-4192-AC2C-E174DF3F25B2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:*", matchCriteriaId: "EA8B5AF8-6A57-482A-9442-E857EE7E207B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:*", matchCriteriaId: "A9929280-2AAC-4B56-A42C-1F6EDE83988E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:*", matchCriteriaId: "F29B6BC3-D716-4A3D-9679-B7BE81F719C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:*", matchCriteriaId: "D23A26EF-5B43-437C-A962-4FC69D8A0FF4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.", }, { lang: "es", value: "Una vulnerabilidad en la integración del motor de detección Snort para el software Cisco Firepower Threat Defense (FTD) podría permitir a un atacante remoto no autenticado causar un consumo ilimitado de memoria, lo que podría conllevar a una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una administración insuficiente de la memoria para determinados eventos de Snort. Un atacante podría explotar esta vulnerabilidad mediante el envío de una serie de paquetes IP diseñados que generarían eventos Snort específicos en un dispositivo afectado. Un ataque sostenido podría causar una condición de falta de memoria en el dispositivo afectado. Una explotación con éxito podría permitir al atacante interrumpir todo el tráfico que fluye a través del dispositivo afectado. En algunas circunstancias, el atacante podría causar la recarga del dispositivo, resultando en una condición de DoS", }, ], id: "CVE-2022-20751", lastModified: "2024-11-21T06:43:28.677", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-03T04:15:09.700", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ucs_manager | 4.0\(1a\)a | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - | |
| cisco | fxos | 2.4\(1.214\) | |
| cisco | fxos | 2.4\(1.216\) | |
| cisco | firepower_2110 | - | |
| cisco | firepower_2120 | - | |
| cisco | firepower_2130 | - | |
| cisco | firepower_2140 | - | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:4.0\\(1a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "0BC36B27-C1C7-4B03-8A59-05A3BF0677DE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:2.4\\(1.214\\):*:*:*:*:*:*:*", matchCriteriaId: "973A8B3A-9CEC-40CE-991D-47197678D8E2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:2.4\\(1.216\\):*:*:*:*:*:*:*", matchCriteriaId: "6FC7C236-1983-459F-AA55-263B294947A0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de administración local (local-mgmt) de Cisco FXOS Software y Cisco UCS Manager Software, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo (SO) subyacente de un dispositivo afectado. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad al incluir argumentos diseñados a comandos específicos. Una explotación con éxito podría permitir a un atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario actualmente conectado para todas las plataformas afectadas, excluyendo Cisco UCS 6400 Series Fabric Interconnects. En Cisco UCS 6400 Series Fabric Interconnects, los comandos inyectados son ejecutados con privilegios root.", }, ], id: "CVE-2020-3171", lastModified: "2024-11-21T05:30:28.543", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.250", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BC0041E4-EBDC-465A-B593-E7C353EF0D8F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1781", lastModified: "2024-11-21T04:37:21.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.400", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "980B41C7-4122-4D8B-9AAB-2D7BBBC5A7B3", versionEndExcluding: "4.2\\(0.21c\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*", matchCriteriaId: "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de gestión del software de Cisco Application Policy Infrastructure Controller (APIC) podría permitir a un atacante adyacente sin autenticar obtener acceso no autorizado a un dispositivo afectado. La vulnerabilidad se debe a una falta de mecanismos de control de acceso adecuados para la conectividad IPv6 (link-local) que se impone en la interfaz de gestión de un dispositivo afectado. Un atacante en la misma red física podría explotar esta vulnerabilidad intentando conectarse a la dirección IPv6 (link local) en el dispositivo afectado. Un exploit exitoso podría permitir al atacante omitir las restricciones de control de acceso en un dispositivo afectado. Los dispositivos de Cisco Application Policy Controller (APIC) en versiones anteriores a 4.2(0.21c) se ven afectados.", }, ], id: "CVE-2019-1690", lastModified: "2024-11-21T04:37:06.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-11T21:29:01.090", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107317", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "FD82AC9D-AC39-4538-BBE4-173FC354CCF4", versionEndExcluding: "6.2.3.16", versionStartIncluding: "6.2.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "B3EC3BF8-E828-4DFA-9610-7AAECBC819DD", versionEndExcluding: "6.5.0.3", versionStartIncluding: "6.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "A222901B-A007-419D-9A0A-D5420EC57083", versionEndExcluding: "9.9.2.66", versionStartIncluding: "9.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8A49B16A-5AB4-428C-93FC-6A898C93E8A8", versionEndExcluding: "9.13.1.5", versionStartIncluding: "9.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "8F1B8162-68D8-43BA-BD9C-7B6CFBF3B369", versionEndExcluding: "2.2.2.97", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "3D69E67A-C3CE-4714-9DFF-6D4FAD4FA3BB", versionEndExcluding: "2.3.1.155", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "205AC1E3-B978-45B9-A6C2-FDCC7EBB73D4", versionEndExcluding: "2.4.1.238", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "0647E852-0AB6-4BD1-9C16-DD3CDBBFB631", versionEndExcluding: "2.6.1.157", versionStartIncluding: "2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco FXOS Software, podría permitir a un atacante local autenticado leer o escribir archivos arbitrarios en el sistema operativo (SO) subyacente. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad al incluir argumentos diseñados en un comando de la CLI específico. Una explotación con éxito podría permitir a un atacante leer o escribir en archivos arbitrarios en el OS subyacente.", }, ], id: "CVE-2020-3166", lastModified: "2024-11-21T05:30:27.887", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:12.767", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-cli-file", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "2A21987E-AE24-4C2C-894A-FFF7CC0CA73B", versionEndExcluding: "2.2.2.148", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "3779F159-04B8-40D7-98D0-B1B68AE02C31", versionEndExcluding: "2.3.1.216", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "F839DB11-1E63-4727-8AB0-ED0B5D6BC38A", versionEndExcluding: "2.4.1.273", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "440AAA0A-FEF8-4E40-95EC-59F37A63091D", versionEndExcluding: "2.6.1.224", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "08C690B6-DE7E-417F-883A-3A3AE51F0710", versionEndExcluding: "2.7.1.143", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "88F98150-EB80-41BB-9B80-520124E3FD9A", versionEndExcluding: "2.8.1.143", versionStartIncluding: "2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "F2E8B9E7-1023-4A0C-BC8C-C45F956B20BA", versionEndExcluding: "2.9.1.135", versionStartIncluding: "2.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "3EA604D8-76C0-40B9-8675-02BEEA18E432", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "82542890-87E9-4C92-9B20-7CC668B4E5E1", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "2D8583BD-4586-4AB0-9C7A-BC14385AACE8", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "657840E3-B3E9-4218-A89D-F27D8DC269C6", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "B36972DF-1BEB-48EB-9C79-725AA493F87C", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "08D3FFC7-2C86-4162-B1E8-C9FF39F4465B", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*", matchCriteriaId: "F762E87A-BF80-4D33-ADDA-84369E068005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*", matchCriteriaId: "22E6B85A-3988-4EC5-B788-9664772CE64E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*", matchCriteriaId: "36145717-6348-466D-87B4-B1A19F17BA55", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*", matchCriteriaId: "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BBDCF9-562C-44BA-B709-F91346F6F99F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*", matchCriteriaId: "276BD181-125C-48EC-984C-29BAE20C21F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*", matchCriteriaId: "7596B885-5312-489B-BBDB-A5374E525DE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*", matchCriteriaId: "42EC10DA-FE01-4BA3-B49F-B164F697D4BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1655CC-9BD5-4BD5-B113-776E4335D556", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*", matchCriteriaId: "2CA6F9ED-50A1-4D61-BC83-438585646856", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "04E18F69-07F4-4BEA-9867-B79351687D32", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "6EC79F46-3416-4D95-A839-BA707A9E22E2", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "B4673FD6-3C58-41BA-AA7F-C26FE42ECBD4", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "4328C1A9-F5B4-4D6B-8B2D-03BFC5310EDC", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2DC5D36F-834A-44EA-BCC8-A71BBA202A4F", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "B72E8456-A9BD-447B-8F33-4BEB052A82D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "57BC5903-1316-4FFF-BE52-2F6D63549590", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*", matchCriteriaId: "4755F890-634B-4B25-AF08-C34F13429FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "24A634C9-C1DA-4D2D-BA5F-1EFC05756E5A", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "BCA44694-9D36-4E97-83F7-A1FEAC6717AB", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "6D6F83F0-AF30-453D-BB96-FE56A04C4971", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "E0EFE3A3-2469-445E-A325-BC3F1D72FCA6", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "74A7DECE-B92C-471A-8A74-F1D5B5254A9B", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*", matchCriteriaId: "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "76CF6300-0292-4E53-B28D-865C2303BA51", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "16B79C2F-DAE9-4AD4-AFDA-DADD43E650AD", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "980DD4C4-A6C0-4D2D-BD09-21B62C4ADC71", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "62C92804-B959-43E1-9133-C16E58921D9A", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248_up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "D96AB2BB-4F4A-44C3-918F-DDB31B0D1FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296_up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "82775AC1-173D-4335-B13A-6CF73C9C11D8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "104AB7AA-2AB6-40AB-9BCA-2041396060B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "AEAF3163-4FF6-4BB0-8870-80D3F3F2953B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "0CB5291D-D248-4125-9129-BC655F082AD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "17BAF9DA-E605-42D2-8DF9-A7211ADBEA74", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "81771B6E-4D9D-470B-8072-50E9F1F654CD", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "B6D87151-01B0-4069-861C-BBB57C493EB3", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "E7561ED7-D773-4A88-B145-EEC3F7A6269B", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*", matchCriteriaId: "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) de Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, y Cisco NX-OS Software podría permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo afectado. Esta vulnerabilidad es debido a una comprobación inapropiada de entrada de los paquetes UDLD. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes UDLD específicamente diseñados a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar la recarga del dispositivo afectado, resultando en una condición de denegación de servicio (DoS). Nota: La funcionalidad UDLD está deshabilitada por defecto, y las condiciones para explotar esta vulnerabilidad son estrictas. Un atacante debe tener el control total de un dispositivo conectado directamente. En los dispositivos Cisco IOS XR, el impacto se limita a la recarga del proceso UDLD", }, ], id: "CVE-2021-34714", lastModified: "2024-11-21T06:11:01.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-23T03:15:18.153", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(0.354\\):*:*:*:*:*:*:*", matchCriteriaId: "E37D2258-0776-4EA8-9342-4F90DF77C33E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.10\\):*:*:*:*:*:*:*", matchCriteriaId: "17C275C2-9082-47EC-B525-9EAA427A083B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "262C95B9-0B56-48FD-BEE4-6680839D21A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "262C95B9-0B56-48FD-BEE4-6680839D21A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2BD4FA53-E048-4F10-800A-0C213F361139", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "81FC0A3F-4682-47D9-8095-6805E33979BF", versionEndExcluding: "2.0.1.159", versionStartIncluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2BD4FA53-E048-4F10-800A-0C213F361139", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "81FC0A3F-4682-47D9-8095-6805E33979BF", versionEndExcluding: "2.0.1.159", versionStartIncluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "C28214D7-90AA-4917-AC87-BE9F481BBE2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_4001:-:*:*:*:*:*:*:*", matchCriteriaId: "56193DB3-79DC-47D1-A629-D22EFC57D590", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, { lang: "es", value: "Una vulnerabilidad en la característica escritura-borrado del software Cisco FXOS y Cisco NX-OS podría permitir que un atacante local autenticado configure una cuenta de administrador no autorizada para un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no elimina correctamente los archivos sensibles cuando determinados comandos de la interfaz de línea de comandos se emplean para limpiar la configuración del dispositivo y recargarlo. Un atacante podría explotar esta vulnerabilidad iniciando sesión en un dispositivo afectado como usuario administrativo y configurando una cuenta no autorizada en el dispositivo. La cuenta no requeriría una contraseña para autenticarse y sería accesible solo mediante una conexión SSH (Secure Shell) al dispositivo. Su explotación con éxito podría permitir que el atacante configure una cuenta no autorizada con privilegios administrativos, que no requiere contraseña para autenticarse y no aparece en la configuración en ejecución o los registros de auditoría para el dispositivo afectado. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, ], id: "CVE-2018-0294", lastModified: "2024-11-21T03:37:54.957", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-20T21:29:00.390", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-05 20:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "BA431796-203A-47FF-8D7B-BE0F032EEF85", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "33D894C8-5C56-4CE9-8A82-248EBB36797A", versionEndExcluding: "2.3.1.111", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "FF89AAA7-02D6-486A-9AF6-8977E756115D", versionEndExcluding: "2.4.1.101", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "FA65618C-F766-469C-804C-391DFEE67589", versionEndExcluding: "6.2\\(7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1392CDF-115C-431A-AF9B-8414F9307163", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A1FAAA03-9B96-4F4A-A17C-50709FF8A6B1", versionEndExcluding: "6.0\\(2\\)a4\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1392CDF-115C-431A-AF9B-8414F9307163", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C0C2141E-5E85-48FF-A943-3738E1BCB66B", versionEndExcluding: "7.1\\(4\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B317F641-A9CA-4658-8AB2-6CB4D1EDF159", versionEndExcluding: "7.3\\(0\\)n1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1730252C-B173-471C-A54A-B1A135CE5D6E", versionEndExcluding: "6.2\\(6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de un comando de diagnóstico de la CLI en el software Cisco FXOS y el software Cisco NX-OS, podría permitir a un atacante local autenticado visualizar archivos confidenciales del sistema que deberían estar restringidos. El atacante podría usar esta información para realizar ataques de reconocimiento adicionales. La vulnerabilidad es debido a la comprobación incompleta del control de acceso basado en roles (RBAC). Un atacante podría explotar esta vulnerabilidad mediante la autenticación en el dispositivo y emitiendo un comando de diagnóstico de la CLI específico con parámetros de entrada de usuario especialmente diseñados. Una explotación podría permitir al atacante realizar una lectura arbitraria de un archivo en el dispositivo, y el archivo puede contener información confidencial. El atacante necesita credenciales de dispositivo válidas para explotar esta vulnerabilidad.", }, ], id: "CVE-2019-1734", lastModified: "2024-11-21T04:37:12.463", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-05T20:15:11.297", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "9D27DE97-510A-4761-8184-6940745B54E2", versionEndExcluding: "6.3.0.6", versionStartIncluding: "6.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "53C69C8B-5A19-4613-8861-683CF21806B7", versionEndExcluding: "6.4.0.10", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "3ED0E59C-146C-494F-AD46-F6FB43F9C575", versionEndExcluding: "6.5.0.5", versionStartIncluding: "6.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.", }, { lang: "es", value: "Una vulnerabilidad en el procesamiento de paquetes de entrada ICMP de Cisco Firepower Threat Defense (FTD) Software para dispositivos Cisco Firepower 4110, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a una comprobación de entrada incompleta al recibir paquetes ICMP. Un atacante podría explotar esta vulnerabilidad mediante el envío de una gran cantidad de paquetes ICMP o ICMPv6 diseñados a un dispositivo afectado. Una explotación con éxito podría permitir a un atacante causar una condición de agotamiento de la memoria que puede resultar en una recarga inesperada. No se necesita ninguna intervención manual para recuperar el dispositivo después de la recarga", }, ], id: "CVE-2020-3571", lastModified: "2024-11-21T05:31:20.243", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-21T19:15:18.230", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 17:29
Modified
2024-11-21 04:37
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | mds_9000 | - | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nexus_3100 | - | |
| cisco | nexus_3100-z | - | |
| cisco | nexus_3100v | - | |
| cisco | nexus_3200 | - | |
| cisco | nexus_3400 | - | |
| cisco | nexus_3500 | - | |
| cisco | nexus_3600 | - | |
| cisco | nexus_9000 | - | |
| cisco | nexus_9200 | - | |
| cisco | nexus_9300 | - | |
| cisco | nexus_9500 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nx-os | * | |
| cisco | nexus_5500 | - | |
| cisco | nexus_5600 | - | |
| cisco | nexus_6000 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6332 | - | |
| cisco | usc_6324 | - | |
| cisco | usc_6332-16up | - | |
| cisco | nx-os | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0AF827BB-FFDE-4D1E-A727-A8D7480001A5", versionEndExcluding: "8.1\\(1b\\)", versionStartIncluding: "8.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D857756F-8C20-4B59-BA89-8373954B0093", versionEndExcluding: "7.0\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "6ED6E713-DCC5-41A7-94AC-CFF52EBBCBD7", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", versionStartIncluding: "6.0\\(2\\)a8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "521D7202-7B57-49C1-BFC5-6829B96428BA", versionEndExcluding: "7.0\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "9588B23A-8C0E-4734-AFF6-254F8A2C8AA1", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E30AB8D6-3F3F-43A3-B7E9-ABD5D3052FA8", versionEndExcluding: "6.2\\(22\\)", versionStartIncluding: "6.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "02E6779A-5759-4A83-B884-1B47FC124A22", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4E21FF51-A716-40AE-A9F3-BBAC2CF3A87D", versionEndExcluding: "4.0\\(1a\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:usc_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "1B73C2C0-6464-44A3-840C-7FBB500B4CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:usc_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "9E5F3B75-A48C-43E2-8E69-3747BB50A263", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "ACCCFBCD-6C8D-425B-B597-5D1E5EF125FC", versionEndExcluding: "2.4.1.101", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Secure Configuration Validation de los programas FXOS y NX-OS de Cisco podría permitir que un atacante local autentificado, ejecute comandos arbitrarios en el momento del inicio del sistema con los privilegios de tipo root. La vulnerabilidad es debido a la falta de comprobación adecuada de los archivos del sistema cuando es leida la información de configuración que persiste en el sistema de archivos. Un atacante podría explotar esta vulnerabilidad al identificarse en el dispositivo y sobrescribir el la memoria de configuración persistente con archivos ejecutables maliciosos. Una explotación podría permitir al atacante ejecutar comandos arbitrarios al inicio del sistema y esos comandos se ejecutarán como usuario de root. El atacante deber contar con credenciales administrativas válidas para el dispositivo.", }, ], id: "CVE-2019-1728", lastModified: "2024-11-21T04:37:11.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T17:29:01.593", references: [ { source: "psirt@cisco.com", url: "http://www.securityfocus.com/bid/108391", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/108391", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-347", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AA86E43C-D2E1-43E2-9222-BAD2892506B1", versionEndExcluding: "2.4.1.266", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B6DCD71B-89A0-4D38-89F8-DB358145FDA0", versionEndExcluding: "2.6.1.204", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C2E8A64D-C8E2-4030-8616-D47741E43E3A", versionEndExcluding: "2.7.1.131", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5C931A1B-3465-4CD6-A62A-BFA0180A917E", versionEndExcluding: "2.8.1.125", versionStartIncluding: "2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco FXOS Software podría permitir a un atacante local autenticado inyectar comandos arbitrarios que son ejecutados con privilegios root. La vulnerabilidad es debido a una comprobación insuficiente de la entrada de los comandos suministrados por el usuario. Un atacante podría explotar esta vulnerabilidad mediante la autenticación en un dispositivo y enviar una entrada diseñada hacia el comando afectado. Una explotación con éxito podría permitir a un atacante ejecutar comandos en el sistema operativo subyacente con privilegios root", }, ], id: "CVE-2020-3459", lastModified: "2024-11-21T05:31:06.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-21T19:15:16.543", references: [ { source: "psirt@cisco.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower | 6.2.3.1 | |
| cisco | firepower | 6.2.3.7 | |
| cisco | firepower | 6.3.0 | |
| cisco | firepower | 6.4.0 | |
| cisco | asa_5500-x | - | |
| cisco | firepower_1010 | - | |
| cisco | firepower_1120 | - | |
| cisco | firepower_1140 | - | |
| cisco | firepower_2110 | - | |
| cisco | firepower_2120 | - | |
| cisco | firepower_2130 | - | |
| cisco | firepower_2140 | - | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_7000 | - | |
| cisco | firepower_8000 | - | |
| cisco | firepower_9300 | - | |
| cisco | firepower_threat_defense_for_isr | - | |
| cisco | ftd_virtual | - | |
| cisco | isa_3000 | - | |
| cisco | ngipsv_for_vmware | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower:6.2.3.1:*:*:*:*:*:*:*", matchCriteriaId: "575960BE-137C-4A96-BF64-351A26B8EDDC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower:6.2.3.7:*:*:*:*:*:*:*", matchCriteriaId: "C77A73AB-6907-47C3-A880-34159774A9C9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "BC9D2586-4D9E-462D-97AE-E542FD1BCB93", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "8E79477E-2FCE-44DA-AAD3-4009FD0500BF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5500-x:-:*:*:*:*:*:*:*", matchCriteriaId: "E10D97EB-51C4-4904-ABBA-5FCDC9B6D062", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AEC69ACD-18D9-4552-AEA5-17DE63F7D7C7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_8000:-:*:*:*:*:*:*:*", matchCriteriaId: "F74B2097-F1BC-4F1C-A471-CD54E1FB8833", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_threat_defense_for_isr:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEF1C95-F461-478A-B4F3-CCEAFC257EC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ftd_virtual:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E41ECE-56CB-4B41-AE96-B19EFA53EAD1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "9510E97A-FD78-43C6-85BC-223001ACA264", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ngipsv_for_vmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1021840C-E28C-45AD-B762-84FDED3AF86A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.", }, { lang: "es", value: "Múltiples vulnerabilidades en el Cisco Firepower System Software Detection Engine, podrían permitir a un atacante remoto no autenticado omitir las Políticas de Malware y Archivos configuradas para los tipos de archivos RTF y RAR. Para más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso.", }, ], id: "CVE-2019-12696", lastModified: "2024-11-21T04:23:22.890", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-02T19:15:13.547", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges. Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit. Cisco Bug IDs: CSCvc21901.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | fxos | 2.0\(1.68\) | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4150 | - | |
| cisco | fxos | 2.0\(1.68\) | |
| cisco | firepower_9300_security_appliance | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:2.0\\(1.68\\):*:*:*:*:*:*:*", matchCriteriaId: "7D4DAE6C-2D7F-4B39-9F2D-2B83E3432291", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:2.0\\(1.68\\):*:*:*:*:*:*:*", matchCriteriaId: "7D4DAE6C-2D7F-4B39-9F2D-2B83E3432291", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. The vulnerability is due to insufficient validation during the application image upload process. An attacker could exploit this vulnerability by creating an application image containing malicious code and installing the image on the affected device using the CLI or web-based user interface (web UI). These actions occur prior to signature verification and could allow the attacker to create and execute arbitrary code with root privileges. Note: A missing or invalid signature in the application image will cause the upload process to fail, but does not prevent the exploit. Cisco Bug IDs: CSCvc21901.", }, { lang: "es", value: "Una vulnerabilidad en el proceso de subida de nuevas imágenes de aplicación en Cisco FXOS en Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) y Firepower 9300 Security Appliance podría permitir que un atacante remoto autenticado emplee técnicas de salto de directorio para crear o sobrescribir archivos arbitrarios en un dispositivo afectado. La vulnerabilidad se debe a una validación insuficiente durante el proceso de subida de imágenes de aplicación. Un atacante podría explotar esta vulnerabilidad mediante la creación de una imagen de aplicación que contiene código malicioso e instalando la imagen en el dispositivo afectado mediante la interfaz de línea de comandos o una interfaz de usuario web. Estas acciones ocurren antes de la verificación de firmas y podrían permitir que el atacante cree y ejecute código arbitrario con privilegios root. Nota: una firma no válida o la falta de firma en la imagen de la aplicación provocará que el proceso de subida fracase, pero no evita el exploit. Cisco Bug IDs: CSCvc21901.", }, ], id: "CVE-2018-0300", lastModified: "2024-11-21T03:37:55.740", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.337", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-firepwr-pt", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*", matchCriteriaId: "5A5BBD7E-7638-4725-B01E-37B0056521EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "0F6A29A1-C498-4F98-81B6-F920AB038507", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "37A0F8DD-8150-45EB-8C0E-636C11C258A4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "F8717918-2908-470C-BD41-6B466AF539F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "572DBF51-E334-444B-B548-2539740E1D0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8D3949-D212-4212-A651-07A631964448", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "2291E9C8-3816-49E6-843E-292686F5B6CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:3.1\\(3a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "9EAE8F9F-A0D5-4CE1-9DF7-5EFB36A45B5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Discovery Protocol del software FXOS y Cisco NX-OS podría permitir que un atacante adyacente no autenticado ejecute código arbitrario como root o cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a las cabeceras de paquete Cisco Discovery Protocol insuficientemente validadas. Un atacante podría explotar esta vulnerabilidad enviando un paquete Cisco Discovery Protocol a un dispositivo afectado adyacente en la capa 2. Su explotación con éxito podría permitir que el atacante provoque un desbordamiento de búfer que le permitiría ejecutar código arbitrario como root o provocar una condición de denegación de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad afecta a los siguientes productos si están configurados para emplear Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI), Nexus 9000 Series Switches en modo NX-OS independiente, los módulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, ], id: "CVE-2018-0303", lastModified: "2024-11-21T03:37:56.127", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.413", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-23 18:15
Modified
2024-11-21 06:43
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9E28952E-3CD4-4B9A-8108-E026E4A7BEFE", versionEndExcluding: "2.3.1.219", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "14ECFD3A-7608-48B0-8D9B-D9AF6AEDA93F", versionEndExcluding: "2.9.1.158", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1EBB9911-CA29-49C6-AFC7-E6E671D4FDF5", versionEndExcluding: "2.10.1.179", versionStartIncluding: "2.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(7.34\\):*:*:*:*:*:*:*", matchCriteriaId: "B70C2797-D4A0-4E1A-91C3-7E5C831BD61D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3b\\):*:*:*:*:*:*:*", matchCriteriaId: "B3C3AEB3-5874-4CED-9C2C-EB8A0AAC1A25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:microsoft_hyper-v:*:*", matchCriteriaId: "B7063CEF-58CC-449E-BFDA-39371BA088AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(8.15\\):*:*:*:*:*:*:*", matchCriteriaId: "11FE5E58-004C-4927-A7A8-D94D8CEA6A04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "122E24C3-1411-46DA-92F1-635BC0784559", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "1D100815-C171-46F4-B675-64E20D8C4FD0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "A2D5229B-AFB2-4B28-95BB-563DBC346982", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "7F0AC2DC-234F-48BA-BCC8-DE82C293C273", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "92E775F9-12E3-41FF-B839-049D93F0588C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(3f\\)c:*:*:*:*:*:*:*", matchCriteriaId: "0A3163C7-66D2-4773-99A4-DC23D1D2AB46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.", }, { lang: "es", value: "Una vulnerabilidad en el servicio Cisco Discovery Protocol del software Cisco FXOS y del software Cisco NX-OS podría permitir a un atacante adyacente no autenticado hacer que el servicio se reinicie, lo que provocaría una condición de denegación de servicio (DoS). Esta vulnerabilidad se debe al manejo inadecuado de los mensajes del Cisco Discovery Protocol que son procesados por el servicio Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad enviando una serie de mensajes maliciosos de Cisco Discovery Protocol a un dispositivo afectado. Una explotación exitosa podría permitir al atacante hacer que el servicio Cisco Discovery Protocol falle y se reinicie. En raras condiciones, podrían producirse fallos repetidos del proceso, lo que podría provocar el reinicio de todo el dispositivo", }, ], id: "CVE-2022-20625", lastModified: "2024-11-21T06:43:11.237", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-23T18:15:18.637", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. The vulnerability is due to insufficient CSRF protections for the FCM interface. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_extensible_operating_system | 2.4\(1.249\) | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300_sm-24 | - | |
| cisco | firepower_9300_sm-36 | - | |
| cisco | firepower_9300_sm-40 | - | |
| cisco | firepower_9300_sm-44 | - | |
| cisco | firepower_9300_sm-44_x_3 | - | |
| cisco | firepower_9300_sm-48 | - | |
| cisco | firepower_9300_sm-56 | - | |
| cisco | firepower_9300_sm-56_x_3 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:2.4\\(1.249\\):*:*:*:*:*:*:*", matchCriteriaId: "D5869DA8-DC32-4FF2-8181-1F5D0ACC6695", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. The vulnerability is due to insufficient CSRF protections for the FCM interface. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user.", }, { lang: "es", value: "Una vulnerabilidad en Cisco Firepower Chassis Manager (FCM) de Cisco FXOS Software, podría permitir a un atacante remoto no autenticado conducir un ataque de tipo cross-site request forgery (CSRF) contra un usuario de un dispositivo afectado. La vulnerabilidad es debido a protecciones de CSRF insuficientes para la interfaz FCM. Un atacante podría explotar esta vulnerabilidad al persuadir a un usuario objetivo para que haga clic en un enlace malicioso. Una explotación con éxito podría permitir a un atacante enviar peticiones arbitrarias que podrían tomar acciones no autorizadas en nombre del usuario objetivo", }, ], id: "CVE-2020-3456", lastModified: "2024-11-21T05:31:06.343", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-21T19:15:16.263", references: [ { source: "psirt@cisco.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "7C19C95F-4E19-4462-859A-0AFA2BA6F642", versionEndExcluding: "2.2.2.97", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "EA3D6591-C5D7-4715-8A49-93DEE5B58CC2", versionEndExcluding: "2.3.1.144", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F34A651B-BA90-43D1-A925-FF52D4295B1E", versionEndExcluding: "2.4.1.234", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco FXOS Software podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con un nivel de privilegio root sobre un dispositivo afectado. La vulnerabilidad es debido a una comprobación insuficiente de los argumentos pasados a un comando de la CLI específico sobre el dispositivo afectado. Un atacante podría explotar esta vulnerabilidad al incluir entradas maliciosas como argumento de un comando afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios root. Un atacante necesitaría credenciales de administrador válidas para explotar esta vulnerabilidad.", }, ], id: "CVE-2020-3169", lastModified: "2024-11-21T05:30:28.293", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.047", references: [ { source: "psirt@cisco.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fpwr-cmdinj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fpwr-cmdinj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "B0500999-E48F-4FE1-9B92-C1E179651CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B10C9143-9E1F-4DA3-924B-68D48B4F2D37", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*", matchCriteriaId: "5A5BBD7E-7638-4725-B01E-37B0056521EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "0F6A29A1-C498-4F98-81B6-F920AB038507", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "37A0F8DD-8150-45EB-8C0E-636C11C258A4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "F8717918-2908-470C-BD41-6B466AF539F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "572DBF51-E334-444B-B548-2539740E1D0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8D3949-D212-4212-A651-07A631964448", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "2291E9C8-3816-49E6-843E-292686F5B6CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "AE03EB05-946B-4DCA-82F9-1A3C05AA069A", versionEndExcluding: "3.2\\(b\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Fabric Services del software FXOS y Cisco NX-OS podría permitir que un atacante remoto no autenticado cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no valida suficientemente los paquetes Cisco Fabric Services cuando el software procesa datos del paquete. Un atacante podría explotar esta vulnerabilidad enviando un paquete Cisco Fabric Services maliciosamente manipulado a un dispositivo afectado. Su explotación con éxito podría permitir que el atacante provoque un desbordamiento de búfer en el dispositivo que podría provocar cierres inesperados de procesos y resultar en una condición de denegación de servicio (DoS). La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, los módulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, ], id: "CVE-2018-0311", lastModified: "2024-11-21T03:37:57.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.663", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "669EB726-B1E5-47BF-98D4-73ABDB676115", versionEndExcluding: "6.2.3.13", versionStartIncluding: "6.2.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "FBAB5FF7-1E8C-4145-A081-5916B9EB9731", versionEndExcluding: "6.4.0.8", versionStartIncluding: "6.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "931501EE-560C-49AD-805D-3008159E0A94", versionEndExcluding: "6.5.0.2", versionStartIncluding: "6.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "A222901B-A007-419D-9A0A-D5420EC57083", versionEndExcluding: "9.9.2.66", versionStartIncluding: "9.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "AACB9A82-A1DF-4012-A5E1-D9C692721273", versionEndExcluding: "9.12.3.6", versionStartIncluding: "9.10", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "6F67B6AE-8757-428F-8894-A11A6553E7A2", versionEndExcluding: "9.13.1.5", versionStartIncluding: "9.13", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "082378DA-87C5-4779-8DE1-32B16879C20A", versionEndExcluding: "2.4.1.234", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F", versionEndExcluding: "3.2\\(3n\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco FXOS Software y Cisco UCS Manager Software, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo (SO) subyacente. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad al incluir argumentos diseñados en comandos específicos. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario actualmente conectado para todas las plataformas afectadas, excluyendo Cisco UCS 6400 Series Fabric Interconnects. En Cisco UCS 6400 Series Fabric Interconnects, los comandos inyectados son ejecutados con privilegios root.", }, ], id: "CVE-2020-3167", lastModified: "2024-11-21T05:30:28.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:12.843", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2024-11-21 07:40
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "834E1736-9E8D-476A-ADA9-EB81BEB8DC6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*", matchCriteriaId: "0C36A364-DBC0-44DA-9DB0-6CC8E9D074BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9CF884E9-68AA-44F7-A551-F7D7DF2378DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "085034AF-4825-4E06-BCBD-6F0D80959A26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2BD99394-5B1B-49FB-9085-3D92E4DBF1A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0AE37430-9711-443E-BF69-CAAEDD2A0E45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9E325ADE-5098-4C1B-82FB-CB04DDB68A2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "192B4BF0-A6E4-4241-8E30-48CAE65203F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "63D87F40-279D-46BD-9A1E-B980E9DDD24D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "148B3732-6F6C-4865-8FCC-A215883BEEC9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "027A27D8-DD06-420A-BCDC-553641F5CC83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*", matchCriteriaId: "CDB194AF-51E8-4379-B416-34049BF03754", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.", }, ], id: "CVE-2023-20015", lastModified: "2024-11-21T07:40:20.853", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-23T20:15:13.333", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower | 6.2.3.1 | |
| cisco | firepower | 6.2.3.7 | |
| cisco | firepower | 6.3.0 | |
| cisco | firepower | 6.4.0 | |
| cisco | asa_5500-x | - | |
| cisco | firepower_1010 | - | |
| cisco | firepower_1120 | - | |
| cisco | firepower_1140 | - | |
| cisco | firepower_2110 | - | |
| cisco | firepower_2120 | - | |
| cisco | firepower_2130 | - | |
| cisco | firepower_2140 | - | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_7000 | - | |
| cisco | firepower_8000 | - | |
| cisco | firepower_9300 | - | |
| cisco | firepower_threat_defense_for_isr | - | |
| cisco | ftd_virtual | - | |
| cisco | isa_3000 | - | |
| cisco | ngipsv_for_vmware | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower:6.2.3.1:*:*:*:*:*:*:*", matchCriteriaId: "575960BE-137C-4A96-BF64-351A26B8EDDC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower:6.2.3.7:*:*:*:*:*:*:*", matchCriteriaId: "C77A73AB-6907-47C3-A880-34159774A9C9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "BC9D2586-4D9E-462D-97AE-E542FD1BCB93", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "8E79477E-2FCE-44DA-AAD3-4009FD0500BF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5500-x:-:*:*:*:*:*:*:*", matchCriteriaId: "E10D97EB-51C4-4904-ABBA-5FCDC9B6D062", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AEC69ACD-18D9-4552-AEA5-17DE63F7D7C7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_8000:-:*:*:*:*:*:*:*", matchCriteriaId: "F74B2097-F1BC-4F1C-A471-CD54E1FB8833", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_threat_defense_for_isr:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEF1C95-F461-478A-B4F3-CCEAFC257EC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ftd_virtual:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E41ECE-56CB-4B41-AE96-B19EFA53EAD1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "9510E97A-FD78-43C6-85BC-223001ACA264", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ngipsv_for_vmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1021840C-E28C-45AD-B762-84FDED3AF86A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.", }, { lang: "es", value: "Múltiples vulnerabilidades en el Cisco Firepower System Software Detection Engine, podrían permitir a un atacante remoto no autenticado omitir las Políticas de Malware y Archivos configuradas para los tipos de archivos RTF y RAR. Para más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso.", }, ], id: "CVE-2019-12697", lastModified: "2024-11-21T04:23:23.040", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-02T19:15:13.593", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-25 19:15
Modified
2024-11-21 06:43
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4110_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B6417E0C-87B6-4C3B-B8A5-FC1C232E188E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4112_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8848D88-7FE6-43C7-804A-0C4CD3914E8D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4115_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E47E6035-3C82-4540-A582-0F6A3205AC8D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4120_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C24A01DF-056B-456B-ACC7-D5C2940996B3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4125_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7F8C83C-935A-46A6-882F-0622E92568AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4140_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24679CC8-00D9-4DD7-A47B-F8DEB7E2A735", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4145_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "265955A5-3285-4697-8E37-4D8F75C05E41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4150_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "769776E9-4463-4F32-88FE-FA69C96D2070", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9300_sm-40_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6D298677-4811-4B59-9BB5-EC4238C2D34D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9300_sm-48_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7EDE0F62-6A72-4C31-92B4-C05076FED460", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9300_sm-56_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3168126C-C51A-4529-9186-54E107C722C2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9300_sm-56_x_3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7341633B-2D7F-42E4-A07E-41E19FB2D682", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software Cisco FXOS podría permitir a un atacante local autenticado inyectar comandos arbitrarios que son ejecutados con privilegios de root. El atacante necesitaría tener privilegios de administrador en el dispositivo. Esta vulnerabilidad es debido a una comprobación de entrada insuficiente de los comandos suministrados por el usuario. Un atacante podría explotar esta vulnerabilidad al autenticarse en un dispositivo y enviando una entrada diseñada para el comando afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos en el sistema operativo subyacente con privilegios de root.", }, ], id: "CVE-2022-20865", lastModified: "2024-11-21T06:43:42.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-25T19:15:08.273", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-16 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108392 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108392 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "86770ECC-BC1D-42BC-A65B-FCE598491BEE", versionEndExcluding: "8.1\\(1b\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B10C9143-9E1F-4DA3-924B-68D48B4F2D37", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "30E29EEC-FA0C-4DCE-A4A1-6CD66180AC36", versionEndExcluding: "2.3.1.130", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B0E1360A-E239-424C-BDB2-5A40B852F282", versionEndExcluding: "2.4.1.122", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas Cisco FXOS y Cisco NX-OS podría permitir que un atacante local autenticado con credenciales de administrador ejecute comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado con privilegios elevados. La vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotación exitosa podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante necesitaría credenciales de administrador válidas para aprovechar esta vulnerabilidad. Las versiones de NX-OS anteriores a 8.3 (1) están afectadas. Las versiones de NX-OS anteriores a 8.3 (1) están afectadas.", }, ], id: "CVE-2019-1780", lastModified: "2024-11-21T04:37:21.717", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-16T17:29:01.277", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108392", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108392", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-29 18:15
Modified
2024-11-21 05:44
Severity ?
Summary
A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "503C619B-EDF2-4BBC-B69F-81BEBE7512EB", versionEndExcluding: "6.4.0.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8F30FB86-2C39-44B8-BC3F-CCA8EE8A6A34", versionEndExcluding: "6.6.4", versionStartIncluding: "6.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "75A78041-BAEA-4023-8B2D-F9090435465B", versionEndExcluding: "6.7.0.2", versionStartIncluding: "6.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.", }, { lang: "es", value: "Una vulnerabilidad en la administración del uso del sistema de archivos para el software Cisco Firepower Device Manager (FDM), podría permitir a un atacante remoto autenticado agotar los recursos del sistema de archivos, resultando en una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una administración insuficiente de los recursos del sistema de archivos disponibles. Un atacante podría explotar esta vulnerabilidad al cargar archivos en el dispositivo y agotando los recursos disponibles del sistema de archivos. Una explotación con éxito podría permitir al atacante causar errores en la base de datos y hacer que el dispositivo no responda a la administración basada en web. Es requerida una intervención manual para liberar recursos del sistema de archivos y devolver el dispositivo a un estado operativo", }, ], id: "CVE-2021-1489", lastModified: "2024-11-21T05:44:28.167", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-29T18:15:09.347", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-29 18:15
Modified
2024-11-21 05:44
Severity ?
Summary
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "53C69C8B-5A19-4613-8861-683CF21806B7", versionEndExcluding: "6.4.0.10", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "3ED0E59C-146C-494F-AD46-F6FB43F9C575", versionEndExcluding: "6.5.0.5", versionStartIncluding: "6.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "754010DE-2C33-4BA1-9567-90C46309B664", versionEndExcluding: "6.6.1", versionStartIncluding: "6.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software Cisco Firepower Threat Defense (FTD), podría permitir a un atacante autenticado local ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente de un dispositivo afectado que es ejecutado en modo multi-instance. Esta vulnerabilidad es debido a una comprobación insuficiente de los argumentos de los comandos suministrados por el usuario. Un atacante podría explotar esta vulnerabilidad mediante el envío de una entrada diseñada al comando afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos en el sistema operativo subyacente con privilegios root", }, ], id: "CVE-2021-1448", lastModified: "2024-11-21T05:44:23.240", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-29T18:15:09.007", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-24 16:15
Modified
2024-11-21 06:43
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*", matchCriteriaId: "2948FC9B-05A4-4E9B-9FE2-A4941CC94DD9", versionEndExcluding: "6.2.3.19", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF32EC7-CC7E-46F5-9D1E-E0EE461261A7", versionEndExcluding: "6.4.0.15", versionStartIncluding: "6.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*", matchCriteriaId: "03F7B0B9-A618-4E8D-A767-A209A1FA0A5D", versionEndExcluding: "6.6.7", versionStartIncluding: "6.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:asa_firepower:*:*:*:*:*:*:*:*", matchCriteriaId: "3D71271D-11C6-4F43-91EE-85D4419C9C8F", versionEndExcluding: "7.0.2.1", versionStartIncluding: "6.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_management_center:-:*:*:*:*:*:*:*", matchCriteriaId: "9C29140C-1C4C-48DD-BED4-1FA0BFDC565D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_management_center_virtual_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "6B4F454C-D675-426F-961F-3A85BBF4AD4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.", }, { lang: "es", value: "Una vulnerabilidad en el analizador de la CLI del software Cisco FirePOWER para el módulo FirePOWER de Adaptive Security Appliance (ASA) podría permitir a un atacante remoto autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente de un módulo ASA FirePOWER afectado como usuario root. Esta vulnerabilidad es debido al manejo inapropiado de parámetros de comando no definidos. Un atacante podría aprovechar esta vulnerabilidad usando un comando diseñado en la CLI o enviando una petición HTTPS diseñada a la interfaz de administración basada en web del Cisco ASA que aloja el módulo ASA FirePOWER. Nota: Para aprovechar esta vulnerabilidad, el atacante debe tener acceso administrativo al Cisco ASA. Es esperado que un usuario que tenga acceso administrativo a un determinado Cisco ASA también tenga acceso administrativo al módulo ASA FirePOWER que está alojado en ese Cisco ASA", }, ], id: "CVE-2022-20828", lastModified: "2024-11-21T06:43:38.367", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-24T16:15:08.523", references: [ { source: "psirt@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG", }, { source: "psirt@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://packetstormsecurity.com/files/168256/Cisco-ASA-X-With-FirePOWER-Services-Authenticated-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-236", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-24 16:15
Modified
2024-11-21 06:43
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:isa_3000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFF5B583-E8C2-4721-9E5A-9897F921EECB", versionEndExcluding: "9.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "9510E97A-FD78-43C6-85BC-223001ACA264", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asa_5585-x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8718682-6134-4060-956C-6E9D7DF7AE3E", versionEndExcluding: "9.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*", matchCriteriaId: "16AE20C2-C77E-4E04-BF13-A48696E52426", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asa_5512-x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0240213-56B7-4FFF-BC62-99BC4C39C6A0", versionEndExcluding: "9.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*", matchCriteriaId: "08F0F160-DAD2-48D4-B7B2-4818B2526F35", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asa_5515-x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9AFD8494-2320-4529-BA39-4F39EABCD2DE", versionEndExcluding: "9.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*", matchCriteriaId: "977D597B-F6DE-4438-AB02-06BE64D71EBE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:adaptive_security_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E75EA8EE-B926-44B5-93F3-ED8CCDFECAE9", versionEndExcluding: "7.18.1.150", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en el empaquetado de las imágenes de Cisco Adaptive Security Device Manager (ASDM) y en la comprobación de dichas imágenes por parte del software Cisco Adaptive Security Appliance (ASA) podría permitir a un atacante remoto autenticado con privilegios administrativos cargar una imagen ASDM que contenga código malicioso en un dispositivo que esté ejecutando el software Cisco ASA. Esta vulnerabilidad es debido a que noes comprobada suficientemente la autenticidad de una imagen ASDM durante su instalación en un dispositivo que ejecuta el software Cisco ASA. Un atacante podría explotar esta vulnerabilidad al instalar una imagen ASDM diseñada en el dispositivo que está ejecutando el software Cisco ASA y luego esperar a que un usuario objetivo acceda a ese dispositivo utilizando ASDM. Una explotación con éxito podría permitir al atacante ejecutar código arbitrario en la máquina del usuario objetivo con los privilegios de ese usuario en esa máquina. Notas: Para explotar con éxito esta vulnerabilidad, el atacante debe tener privilegios administrativos en el dispositivo que está ejecutando el software Cisco ASA. Los objetivos potenciales son limitados a usuarios que administran el mismo dispositivo que ejecuta el software Cisco ASA mediante ASDM. Cisco ha publicado y publicará actualizaciones de software que abordan esta vulnerabilidad", }, ], id: "CVE-2022-20829", lastModified: "2024-11-21T06:43:38.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-24T16:15:08.580", references: [ { source: "psirt@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/jbaines-r7/theway", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm", }, { source: "psirt@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/jbaines-r7/theway", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*", matchCriteriaId: "5A5BBD7E-7638-4725-B01E-37B0056521EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "0F6A29A1-C498-4F98-81B6-F920AB038507", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "37A0F8DD-8150-45EB-8C0E-636C11C258A4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "F8717918-2908-470C-BD41-6B466AF539F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "572DBF51-E334-444B-B548-2539740E1D0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8D3949-D212-4212-A651-07A631964448", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "2291E9C8-3816-49E6-843E-292686F5B6CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:3.1\\(3a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "9EAE8F9F-A0D5-4CE1-9DF7-5EFB36A45B5D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.9\\(0.902\\):*:*:*:*:*:*:*", matchCriteriaId: "2A6984CB-EF97-4CDD-B4CF-D460908C69A7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Fabric Services del software FXOS y Cisco NX-OS podría permitir que un atacante remoto no autenticado obtenga información sensible de la memoria o cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no valida suficientemente los valores de las cabeceras de paquetes Cisco Fabric Services. Un atacante podría explotar esta vulnerabilidad enviando un paquete Cisco Fabric Services manipulado a un dispositivo afectado. Su explotación con éxito podría permitir que el atacante provoque una sobrelectura de búfer que le permitiría obtener información sensible de la memoria o provocar una condición de denegación de servicio (DoS) en el dispositivo afectado. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, los módulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, ], id: "CVE-2018-0310", lastModified: "2024-11-21T03:37:57.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.617", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }