Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-30 | CVE-2017-12340 | Improper Encoding or Escaping of Output vulnerability in Cisco Nx-Os 8.1(0.70)S0 A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating system, even if the Bash shell is disabled on the system. | 4.2 |
| 2017-11-30 | CVE-2017-12339 | Command Injection vulnerability in Cisco LAN Switch Software and Nx-Os A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 5.7 |
| 2017-11-30 | CVE-2017-12338 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. | 6.0 |
| 2017-11-30 | CVE-2017-12336 | Improper Input Validation vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. | 4.2 |
| 2017-11-30 | CVE-2017-12335 | Command Injection vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 6.3 |
| 2017-11-30 | CVE-2017-12334 | Improper Input Validation vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 6.7 |
| 2017-11-30 | CVE-2017-12333 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. | 6.7 |
| 2017-11-30 | CVE-2017-12332 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. | 4.4 |
| 2017-11-30 | CVE-2017-12331 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. | 6.7 |
| 2017-11-30 | CVE-2017-12330 | Command Injection vulnerability in Cisco Nx-Os 7.0(0)Hsk(0.357)/8.1(0)Bd(0.20)/8.1(1) A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 6.3 |