Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34703 | 1 Cisco | 203 Catalyst 3650-12x48fd-e, Catalyst 3650-12x48fd-l, Catalyst 3650-12x48fd-s and 200 more | 2021-10-25 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device is in a specific state. An unauthenticated, adjacent attacker could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then waiting for an administrator of the device or a network management system (NMS) managing the device to retrieve the LLDP neighbor table of the device via either the CLI or SNMP. An authenticated, adjacent attacker with SNMP read-only credentials or low privileges on the device CLI could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then accessing the LLDP neighbor table via either the CLI or SNMP. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a reload of the device. | |||||
| CVE-2021-34725 | 1 Cisco | 49 Asr 1000, Asr 1000-esp100, Asr 1000-x and 46 more | 2021-10-13 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges. | |||||
| CVE-2021-34724 | 1 Cisco | 49 Asr 1000, Asr 1000-esp100, Asr 1000-x and 46 more | 2021-10-13 | 6.6 MEDIUM | 6.0 MEDIUM |
| A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device. | |||||
| CVE-2020-3465 | 1 Cisco | 19 1100-4p, 1100-8p, 1100 Terminal Services Gateways and 16 more | 2021-08-06 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. | |||||
| CVE-2021-1236 | 2 Cisco, Snort | 19 Csr 1000v, Firepower Management Center, Firepower Threat Defense and 16 more | 2021-01-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. | |||||
| CVE-2021-1224 | 2 Cisco, Snort | 43 Csr 1000v, Firepower Management Center, Firepower Threat Defense and 40 more | 2021-01-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload. | |||||
| CVE-2020-3503 | 1 Cisco | 128 Asr1001-hx, Asr1001-hx-rf, Asr1001-x-rf and 125 more | 2020-10-08 | 3.6 LOW | 6.0 MEDIUM |
| A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators. | |||||