Vulnerabilites related to cisco - network_services_orchestrator
CVE-2021-1572 (GCVE-0-2021-1572)
Vulnerability from cvelistv5
Published
2021-08-04 17:20
Modified
2024-11-07 22:05
Severity ?
EPSS score ?
Summary
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ConfD built-in SSH server was not enabled, the device is not affected by this vulnerability. An attacker with low-level privileges could exploit this vulnerability by authenticating to an affected device and issuing a series of commands at the SFTP interface. A successful exploit could allow the attacker to elevate privileges to the level of the account under which ConfD is running, which is commonly root. Note: Any user who can authenticate to the built-in SSH server may exploit this vulnerability. By default, all ConfD users have this access if the server is enabled. Software updates that address this vulnerability have been released.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-priv-esc-XXqRtTfT | vendor-advisory, x_refsource_CISCO | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confd-priv-esc-LsGtCRx4 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco ConfD |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:18:10.281Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210804 Cisco Network Services Orchestrator CLI Secure Shell Server Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-priv-esc-XXqRtTfT", }, { name: "20210804 ConfD CLI Secure Shell Server Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confd-priv-esc-LsGtCRx4", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1572", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T21:43:30.758700Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T22:05:00.908Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco ConfD", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-08-04T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ConfD built-in SSH server was not enabled, the device is not affected by this vulnerability. An attacker with low-level privileges could exploit this vulnerability by authenticating to an affected device and issuing a series of commands at the SFTP interface. A successful exploit could allow the attacker to elevate privileges to the level of the account under which ConfD is running, which is commonly root. Note: Any user who can authenticate to the built-in SSH server may exploit this vulnerability. By default, all ConfD users have this access if the server is enabled. Software updates that address this vulnerability have been released.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-266", description: "CWE-266", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-11T18:18:19", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210804 Cisco Network Services Orchestrator CLI Secure Shell Server Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-priv-esc-XXqRtTfT", }, { name: "20210804 ConfD CLI Secure Shell Server Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confd-priv-esc-LsGtCRx4", }, ], source: { advisory: "cisco-sa-confd-priv-esc-LsGtCRx4", defect: [ [ "CSCvy43896", ], ], discovery: "INTERNAL", }, title: "ConfD CLI Secure Shell Server Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-08-04T16:00:00", ID: "CVE-2021-1572", STATE: "PUBLIC", TITLE: "ConfD CLI Secure Shell Server Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco ConfD", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ConfD built-in SSH server was not enabled, the device is not affected by this vulnerability. An attacker with low-level privileges could exploit this vulnerability by authenticating to an affected device and issuing a series of commands at the SFTP interface. A successful exploit could allow the attacker to elevate privileges to the level of the account under which ConfD is running, which is commonly root. Note: Any user who can authenticate to the built-in SSH server may exploit this vulnerability. By default, all ConfD users have this access if the server is enabled. Software updates that address this vulnerability have been released.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-266", }, ], }, ], }, references: { reference_data: [ { name: "20210804 Cisco Network Services Orchestrator CLI Secure Shell Server Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-priv-esc-XXqRtTfT", }, { name: "20210804 ConfD CLI Secure Shell Server Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confd-priv-esc-LsGtCRx4", }, ], }, source: { advisory: "cisco-sa-confd-priv-esc-LsGtCRx4", defect: [ [ "CSCvy43896", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1572", datePublished: "2021-08-04T17:20:09.937016Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-07T22:05:00.908Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-3362 (GCVE-0-2020-3362)
Vulnerability from cvelistv5
Published
2020-06-18 02:17
Modified
2024-11-15 17:00
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability by executing a specific sequence of commands on the CLI. A successful exploit could allow the attacker to read configuration information that would normally be accessible to administrators only.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-info-disclosure-WdNvBTNq | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Network Services Orchestrator |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Network Services Orchestrator Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-info-disclosure-WdNvBTNq", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3362", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:27:34.268033Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:00:53.270Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Network Services Orchestrator", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability by executing a specific sequence of commands on the CLI. A successful exploit could allow the attacker to read configuration information that would normally be accessible to administrators only.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:17:13", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Network Services Orchestrator Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-info-disclosure-WdNvBTNq", }, ], source: { advisory: "cisco-sa-nso-info-disclosure-WdNvBTNq", defect: [ [ "CSCvu17597", ], ], discovery: "INTERNAL", }, title: "Cisco Network Services Orchestrator Information Disclosure Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3362", STATE: "PUBLIC", TITLE: "Cisco Network Services Orchestrator Information Disclosure Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Network Services Orchestrator", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability by executing a specific sequence of commands on the CLI. A successful exploit could allow the attacker to read configuration information that would normally be accessible to administrators only.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.7", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Network Services Orchestrator Information Disclosure Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-info-disclosure-WdNvBTNq", }, ], }, source: { advisory: "cisco-sa-nso-info-disclosure-WdNvBTNq", defect: [ [ "CSCvu17597", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3362", datePublished: "2020-06-18T02:17:13.303988Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:00:53.270Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-0274 (GCVE-0-2018-0274)
Vulnerability from cvelistv5
Published
2018-06-07 12:00
Modified
2024-11-29 15:06
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104449 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Network Services Orchestrator unknown |
Version: Cisco Network Services Orchestrator unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.261Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "104449", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/104449", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0274", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:37.539097Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T15:06:59.300Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Network Services Orchestrator unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco Network Services Orchestrator unknown", }, ], }, ], datePublic: "2018-06-07T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-14T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "104449", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/104449", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0274", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Network Services Orchestrator unknown", version: { version_data: [ { version_value: "Cisco Network Services Orchestrator unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "104449", refsource: "BID", url: "http://www.securityfocus.com/bid/104449", }, { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0274", datePublished: "2018-06-07T12:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T15:06:59.300Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-44228 (GCVE-0-2021-44228)
Vulnerability from cvelistv5
Published
2021-12-10 00:00
Modified
2025-02-04 14:25
Severity ?
EPSS score ?
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Version: 2.0-beta9 < log4j-core* |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:17:24.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { name: "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { name: "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { name: "DSA-5020", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { name: "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { name: "FEDORA-2021-f0f501d01f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { name: "Microsoft’s Response to CVE-2021-44228 Apache Log4j 2", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { name: "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { name: "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { name: "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { name: "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "VU#930724", tags: [ "third-party-advisory", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { tags: [ "x_transferred", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { tags: [ "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { name: "FEDORA-2021-66d6c484f3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { tags: [ "x_transferred", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { name: "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { tags: [ "x_transferred", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { tags: [ "x_transferred", ], url: "https://github.com/cisagov/log4j-affected-db", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213189", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { tags: [ "x_transferred", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { name: "20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-44228", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T14:25:34.416117Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-12-10", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-44228", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T14:25:37.215Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Apache Log4j2", vendor: "Apache Software Foundation", versions: [ { changes: [ { at: "2.3.1", status: "unaffected", }, { at: "2.4", status: "affected", }, { at: "2.12.2", status: "unaffected", }, { at: "2.13.0", status: "affected", }, { at: "2.15.0", status: "unaffected", }, ], lessThan: "log4j-core*", status: "affected", version: "2.0-beta9", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team.", }, ], descriptions: [ { lang: "en", value: "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.", }, ], metrics: [ { other: { content: { other: "critical", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-03T00:00:00.000Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://logging.apache.org/log4j/2.x/security.html", }, { name: "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { name: "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { name: "DSA-5020", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { name: "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { name: "FEDORA-2021-f0f501d01f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { name: "Microsoft’s Response to CVE-2021-44228 Apache Log4j 2", tags: [ "vendor-advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { name: "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { name: "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { name: "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { name: "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "VU#930724", tags: [ "third-party-advisory", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { name: "FEDORA-2021-66d6c484f3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { name: "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { url: "https://github.com/cisagov/log4j-affected-db", }, { url: "https://support.apple.com/kb/HT213189", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { name: "20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-44228", datePublished: "2021-12-10T00:00:00.000Z", dateReserved: "2021-11-26T00:00:00.000Z", dateUpdated: "2025-02-04T14:25:37.215Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-20381 (GCVE-0-2024-20381)
Vulnerability from cvelistv5
Published
2024-09-11 16:38
Modified
2024-09-27 13:58
Severity ?
EPSS score ?
Summary
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.
This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco IOS XR Software |
Version: 6.5.3 Version: 6.5.29 Version: 6.5.1 Version: 6.6.1 Version: 6.5.2 Version: 6.5.92 Version: 6.5.15 Version: 6.6.2 Version: 7.0.1 Version: 6.6.25 Version: 6.5.26 Version: 6.6.11 Version: 6.5.25 Version: 6.5.28 Version: 6.5.93 Version: 6.6.12 Version: 6.5.90 Version: 7.0.0 Version: 7.1.1 Version: 7.0.90 Version: 6.6.3 Version: 6.7.1 Version: 7.0.2 Version: 7.1.15 Version: 7.2.0 Version: 7.2.1 Version: 7.1.2 Version: 6.7.2 Version: 7.0.11 Version: 7.0.12 Version: 7.0.14 Version: 7.1.25 Version: 6.6.4 Version: 7.2.12 Version: 7.3.1 Version: 7.1.3 Version: 6.7.3 Version: 7.4.1 Version: 7.2.2 Version: 6.7.4 Version: 6.5.31 Version: 7.3.15 Version: 7.3.16 Version: 6.8.1 Version: 7.4.15 Version: 6.5.32 Version: 7.3.2 Version: 7.5.1 Version: 7.4.16 Version: 7.3.27 Version: 7.6.1 Version: 7.5.2 Version: 7.8.1 Version: 7.6.15 Version: 7.5.12 Version: 7.8.12 Version: 7.3.3 Version: 7.7.1 Version: 6.8.2 Version: 7.3.4 Version: 7.4.2 Version: 6.7.35 Version: 6.9.1 Version: 7.6.2 Version: 7.5.3 Version: 7.7.2 Version: 6.9.2 Version: 7.9.1 Version: 7.10.1 Version: 7.8.2 Version: 7.5.4 Version: 6.5.33 Version: 7.8.22 Version: 7.7.21 Version: 7.9.2 Version: 7.3.5 Version: 7.5.5 Version: 7.11.1 Version: 7.9.21 Version: 7.10.2 Version: 24.1.1 Version: 7.6.3 Version: 7.3.6 Version: 7.5.52 Version: 7.11.2 Version: 24.2.1 Version: 24.1.2 Version: 24.2.11 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "network_services_orchestrator", vendor: "cisco", versions: [ { status: "affected", version: "5.4.1", }, { status: "affected", version: "5.3.1", }, ], }, { cpes: [ "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "small_business_rv_series_router_firmware", vendor: "cisco", versions: [ { status: "affected", version: "1.0.01.17", }, { status: "affected", version: "1.0.03.17", }, ], }, { cpes: [ "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ios_xr", vendor: "cisco", versions: [ { status: "affected", version: "6.5.3", }, { status: "affected", version: "6.5.29", }, { status: "affected", version: "6.5.1", }, { status: "affected", version: "6.6.1", }, { status: "affected", version: "6.5.2", }, { status: "affected", version: "6.5.92", }, { status: "affected", version: "6.5.15", }, { status: "affected", version: "6.6.2", }, { status: "affected", version: "7.0.1", }, { status: "affected", version: "6.6.25", }, { status: "affected", version: "6.5.28", }, { status: "affected", version: "6.5.93", }, { status: "affected", version: "6.6.12", }, { status: "affected", version: "6.5.90", }, { status: "affected", version: "7.0.0", }, { status: "affected", version: "7.1.1", }, { status: "affected", version: "7.0.90", }, { status: "affected", version: "6.6.3", }, { status: "affected", version: "6.7.1", }, { status: "affected", version: "7.0.2", }, { status: "affected", version: "7.1.15", }, { status: "affected", version: "7.2.0", }, { status: "affected", version: "7.2.1", }, { status: "affected", version: "6.7.2", }, { status: "affected", version: "7.0.11", }, { status: "affected", version: "7.0.12", }, { status: "affected", version: "7.0.14", }, { status: "affected", version: "7.1.25", }, { status: "affected", version: "6.6.4", }, { status: "affected", version: "7.2.12", }, { status: "affected", version: "7.3.1", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-20381", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-27T03:55:16.289362Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-27T13:58:21.912Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Cisco IOS XR Software", vendor: "Cisco", versions: [ { status: "affected", version: "6.5.3", }, { status: "affected", version: "6.5.29", }, { status: "affected", version: "6.5.1", }, { status: "affected", version: "6.6.1", }, { status: "affected", version: "6.5.2", }, { status: "affected", version: "6.5.92", }, { status: "affected", version: "6.5.15", }, { status: "affected", version: "6.6.2", }, { status: "affected", version: "7.0.1", }, { status: "affected", version: "6.6.25", }, { status: "affected", version: "6.5.26", }, { status: "affected", version: "6.6.11", }, { status: "affected", version: "6.5.25", }, { status: "affected", version: "6.5.28", }, { status: "affected", version: "6.5.93", }, { status: "affected", version: "6.6.12", }, { status: "affected", version: "6.5.90", }, { status: "affected", version: "7.0.0", }, { status: "affected", version: "7.1.1", }, { status: "affected", version: "7.0.90", }, { status: "affected", version: "6.6.3", }, { status: "affected", version: "6.7.1", }, { status: "affected", version: "7.0.2", }, { status: "affected", version: "7.1.15", }, { status: "affected", version: "7.2.0", }, { status: "affected", version: "7.2.1", }, { status: "affected", version: "7.1.2", }, { status: "affected", version: "6.7.2", }, { status: "affected", version: "7.0.11", }, { status: "affected", version: "7.0.12", }, { status: "affected", version: "7.0.14", }, { status: "affected", version: "7.1.25", }, { status: "affected", version: "6.6.4", }, { status: "affected", version: "7.2.12", }, { status: "affected", version: "7.3.1", }, { status: "affected", version: "7.1.3", }, { status: "affected", version: "6.7.3", }, { status: "affected", version: "7.4.1", }, { status: "affected", version: "7.2.2", }, { status: "affected", version: "6.7.4", }, { status: "affected", version: "6.5.31", }, { status: "affected", version: "7.3.15", }, { status: "affected", version: "7.3.16", }, { status: "affected", version: "6.8.1", }, { status: "affected", version: "7.4.15", }, { status: "affected", version: "6.5.32", }, { status: "affected", version: "7.3.2", }, { status: "affected", version: "7.5.1", }, { status: "affected", version: "7.4.16", }, { status: "affected", version: "7.3.27", }, { status: "affected", version: "7.6.1", }, { status: "affected", version: "7.5.2", }, { status: "affected", version: "7.8.1", }, { status: "affected", version: "7.6.15", }, { status: "affected", version: "7.5.12", }, { status: "affected", version: "7.8.12", }, { status: "affected", version: "7.3.3", }, { status: "affected", version: "7.7.1", }, { status: "affected", version: "6.8.2", }, { status: "affected", version: "7.3.4", }, { status: "affected", version: "7.4.2", }, { status: "affected", version: "6.7.35", }, { status: "affected", version: "6.9.1", }, { status: "affected", version: "7.6.2", }, { status: "affected", version: "7.5.3", }, { status: "affected", version: "7.7.2", }, { status: "affected", version: "6.9.2", }, { status: "affected", version: "7.9.1", }, { status: "affected", version: "7.10.1", }, { status: "affected", version: "7.8.2", }, { status: "affected", version: "7.5.4", }, { status: "affected", version: "6.5.33", }, { status: "affected", version: "7.8.22", }, { status: "affected", version: "7.7.21", }, { status: "affected", version: "7.9.2", }, { status: "affected", version: "7.3.5", }, { status: "affected", version: "7.5.5", }, { status: "affected", version: "7.11.1", }, { status: "affected", version: "7.9.21", }, { status: "affected", version: "7.10.2", }, { status: "affected", version: "24.1.1", }, { status: "affected", version: "7.6.3", }, { status: "affected", version: "7.3.6", }, { status: "affected", version: "7.5.52", }, { status: "affected", version: "7.11.2", }, { status: "affected", version: "24.2.1", }, { status: "affected", version: "24.1.2", }, { status: "affected", version: "24.2.11", }, ], }, { defaultStatus: "unknown", product: "Cisco Network Services Orchestrator", vendor: "Cisco", versions: [ { status: "affected", version: "5.4.1", }, { status: "affected", version: "5.3.1", }, { status: "affected", version: "4.4.1", }, { status: "affected", version: "5.2.1.1", }, { status: "affected", version: "5.4.0.1", }, { status: "affected", version: "4.7.1", }, { status: "affected", version: "5.2.0.3", }, { status: "affected", version: "5.2.1", }, { status: "affected", version: "5.1.2", }, { status: "affected", version: "5.4", }, { status: "affected", version: "4.5.1", }, { status: "affected", version: "5.4.0.2", }, { status: "affected", version: "4.7.3", }, { status: "affected", version: "5.2.0.4", }, { status: "affected", version: "5.1.1.1", }, { status: "affected", version: "5.1.1.3", }, { status: "affected", version: "5.2.3.2", }, { status: "affected", version: "5.4.1.1", }, { status: "affected", version: "5.5", }, { status: "affected", version: "5.4.2", }, { status: "affected", version: "5.5.1", }, { status: "affected", version: "5.4.3", }, { status: "affected", version: "5.4.3.1", }, { status: "affected", version: "5.5.2", }, { status: "affected", version: "5.3.4.3", }, { status: "affected", version: "5.5.2.1", }, { status: "affected", version: "5.5.2.2", }, { status: "affected", version: "5.4.3.2", }, { status: "affected", version: "5.5.2.3", }, { status: "affected", version: "5.4.4", }, { status: "affected", version: "5.4.4.1", }, { status: "affected", version: "5.5.2.4", }, { status: "affected", version: "5.5.2.5", }, { status: "affected", version: "5.5.2.6", }, { status: "affected", version: "5.4.4.2", }, { status: "affected", version: "5.4.3.3", }, { status: "affected", version: "5.5.2.7", }, { status: "affected", version: "5.5.2.8", }, { status: "affected", version: "5.4.3.4", }, { status: "affected", version: "5.4.4.3", }, { status: "affected", version: "5.6", }, { status: "affected", version: "5.5.2.9", }, { status: "affected", version: "5.5.3", }, { status: "affected", version: "5.5.2.10", }, { status: "affected", version: "5.6.1", }, { status: "affected", version: "5.5.2.11", }, { status: "affected", version: "5.6.2", }, { status: "affected", version: "5.5.3.1", }, { status: "affected", version: "5.4.5", }, { status: "affected", version: "5.4.5.1", }, { status: "affected", version: "5.5.4", }, { status: "affected", version: "5.6.3", }, { status: "affected", version: "5.5.4.1", }, { status: "affected", version: "5.7", }, { status: "affected", version: "5.5.2.12", }, { status: "affected", version: "5.4.2.1", }, { status: "affected", version: "5.6.3.1", }, { status: "affected", version: "5.4.5.2", }, { status: "affected", version: "5.7.1", }, { status: "affected", version: "5.7.1.1", }, { status: "affected", version: "5.6.4", }, { status: "affected", version: "5.4.2.2", }, { status: "affected", version: "5.4.6", }, { status: "affected", version: "5.7.2", }, { status: "affected", version: "5.7.2.1", }, { status: "affected", version: "5.6.5", }, { status: "affected", version: "5.5.5", }, { status: "affected", version: "5.7.3", }, { status: "affected", version: "5.8", }, { status: "affected", version: "5.6.6.1", }, { status: "affected", version: "5.7.5.1", }, { status: "affected", version: "5.6.7.1", }, { status: "affected", version: "5.6.7", }, { status: "affected", version: "5.5.6.1", }, { status: "affected", version: "5.8.1", }, { status: "affected", version: "5.6.6", }, { status: "affected", version: "5.4.7", }, { status: "affected", version: "5.8.2.1", }, { status: "affected", version: "5.7.5", }, { status: "affected", version: "5.7.4", }, { status: "affected", version: "5.8.2", }, { status: "affected", version: "5.5.6", }, { status: "affected", version: "5.6.7.2", }, { status: "affected", version: "5.7.6", }, { status: "affected", version: "5.7.6.1", }, { status: "affected", version: "5.8.3", }, { status: "affected", version: "5.6.8", }, { status: "affected", version: "5.7.6.2", }, { status: "affected", version: "5.8.4", }, { status: "affected", version: "5.5.7", }, { status: "affected", version: "5.7.7", }, { status: "affected", version: "5.6.9", }, { status: "affected", version: "5.6.8.1", }, { status: "affected", version: "5.8.5", }, { status: "affected", version: "5.5.8", }, { status: "affected", version: "5.7.8", }, { status: "affected", version: "5.4.7.1", }, { status: "affected", version: "6.0", }, { status: "affected", version: "5.7.8.1", }, { status: "affected", version: "6.0.1", }, { status: "affected", version: "5.6.10", }, { status: "affected", version: "5.8.6", }, { status: "affected", version: "6.0.1.1", }, { status: "affected", version: "6.0.2", }, { status: "affected", version: "5.7.9", }, { status: "affected", version: "5.5.9", }, { status: "affected", version: "5.6.11", }, { status: "affected", version: "5.8.7", }, { status: "affected", version: "6.0.3", }, { status: "affected", version: "5.7.10", }, { status: "affected", version: "5.6.12", }, { status: "affected", version: "5.8.8", }, { status: "affected", version: "6.0.4", }, { status: "affected", version: "5.5.10", }, { status: "affected", version: "5.7.10.1", }, { status: "affected", version: "6.1", }, { status: "affected", version: "5.7.6.3", }, { status: "affected", version: "5.7.11", }, { status: "affected", version: "6.0.5", }, { status: "affected", version: "5.6.13", }, { status: "affected", version: "5.8.9", }, { status: "affected", version: "6.1.1", }, { status: "affected", version: "5.7.10.2", }, { status: "affected", version: "6.0.6", }, { status: "affected", version: "5.7.12", }, { status: "affected", version: "6.1.2", }, { status: "affected", version: "5.6.14", }, { status: "affected", version: "6.1.2.1", }, { status: "affected", version: "5.8.10", }, { status: "affected", version: "6.0.7", }, { status: "affected", version: "6.1.3", }, { status: "affected", version: "5.7.13", }, { status: "affected", version: "5.8.11", }, { status: "affected", version: "6.1.3.1", }, { status: "affected", version: "6.0.8", }, { status: "affected", version: "6.1.4", }, { status: "affected", version: "5.6.14.1", }, { status: "affected", version: "5.8.12", }, { status: "affected", version: "6.0.9", }, { status: "affected", version: "6.1.5", }, { status: "affected", version: "6.2", }, { status: "affected", version: "5.8.13", }, { status: "affected", version: "5.7.14", }, { status: "affected", version: "6.0.10", }, { status: "affected", version: "6.1.6", }, { status: "affected", version: "6.1.6.1", }, { status: "affected", version: "6.0.11", }, { status: "affected", version: "6.1.7", }, { status: "affected", version: "6.2.2", }, { status: "affected", version: "5.7.15", }, { status: "affected", version: "6.1.3.2", }, { status: "affected", version: "6.1.7.1", }, { status: "affected", version: "6.0.12", }, { status: "affected", version: "6.1.8", }, { status: "affected", version: "5.7.9.1", }, { status: "affected", version: "5.7.15.1", }, { status: "affected", version: "6.1.10", }, { status: "affected", version: "6.1.11", }, { status: "affected", version: "5.1.4.3", }, { status: "affected", version: "6.1.11.1", }, { status: "affected", version: "6.1.11.2", }, { status: "affected", version: "5.7.17", }, { status: "affected", version: "6.1.12", }, ], }, { defaultStatus: "unknown", product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "1.0.01.17", }, { status: "affected", version: "1.0.03.17", }, { status: "affected", version: "1.0.01.16", }, { status: "affected", version: "1.0.01.18", }, { status: "affected", version: "1.0.00.29", }, { status: "affected", version: "1.0.03.16", }, { status: "affected", version: "1.0.03.15", }, { status: "affected", version: "1.0.02.16", }, { status: "affected", version: "1.0.01.20", }, { status: "affected", version: "1.0.00.33", }, { status: "affected", version: "1.0.03.18", }, { status: "affected", version: "1.0.03.19", }, { status: "affected", version: "1.0.03.20", }, { status: "affected", version: "1.0.03.21", }, { status: "affected", version: "1.0.03.22", }, { status: "affected", version: "1.0.03.24", }, { status: "affected", version: "1.0.03.26", }, { status: "affected", version: "1.0.03.27", }, { status: "affected", version: "1.0.03.28", }, { status: "affected", version: "1.0.03.29", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device. \r\n\r\nThis vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-285", description: "Improper Authorization", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-25T16:24:52.271Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nso-auth-bypass-QnTEesp", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp", }, ], source: { advisory: "cisco-sa-nso-auth-bypass-QnTEesp", defects: [ "CSCwj26769", ], discovery: "INTERNAL", }, title: "Cisco Network Services Orchestrator Configuration Update Authorization Bypass Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20381", datePublished: "2024-09-11T16:38:42.096Z", dateReserved: "2023-11-08T15:08:07.656Z", dateUpdated: "2024-09-27T13:58:21.912Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-20369 (GCVE-0-2024-20369)
Vulnerability from cvelistv5
Published
2024-05-15 17:23
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is due to improper input validation of a parameter in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Network Services Orchestrator |
Version: 5.4 Version: 5.5 Version: 5.6 Version: 5.7 Version: 5.8 Version: 5.1.1.1 Version: 5.1.1.3 Version: 5.1.2 Version: 5.2.0.4 Version: 5.2.1 Version: 5.2.1.1 Version: 5.2.3.2 Version: 5.3.1 Version: 5.3.4.3 Version: 5.4.0.1 Version: 5.4.1 Version: 5.4.1.1 Version: 5.4.2 Version: 5.4.3.1 Version: 5.4.4.1 Version: 5.4.4 Version: 5.4.4.3 Version: 5.4.3.3 Version: 5.4.5.1 Version: 5.4.5.2 Version: 5.4.5 Version: 5.4.6 Version: 5.4.7 Version: 5.4.7.1 Version: 5.5.1 Version: 5.5.2 Version: 5.5.2.1 Version: 5.5.2.3 Version: 5.5.2.4 Version: 5.5.2.9 Version: 5.5.2.10 Version: 5.5.3 Version: 5.5.2.7 Version: 5.5.2.12 Version: 5.5.4.1 Version: 5.5.3.1 Version: 5.5.5 Version: 5.5.6 Version: 5.5.7 Version: 5.5.8 Version: 5.6.1 Version: 5.6.3 Version: 5.6.2 Version: 5.6.5 Version: 5.6.6 Version: 5.6.6.1 Version: 5.6.7 Version: 5.6.7.1 Version: 5.6.8 Version: 5.6.8.1 Version: 5.6.11 Version: 5.6.13 Version: 5.6.14 Version: 5.6.14.1 Version: 5.7.1.1 Version: 5.7.1 Version: 5.7.2 Version: 5.7.2.1 Version: 5.7.3 Version: 5.7.4 Version: 5.7.5 Version: 5.7.5.1 Version: 5.7.6 Version: 5.7.6.2 Version: 5.7.8 Version: 5.7.10 Version: 5.7.10.2 Version: 5.7.11 Version: 5.7.13 Version: 5.7.14 Version: 5.7.9 Version: 5.7.9.1 Version: 5.8.1 Version: 5.8.2 Version: 5.8.2.1 Version: 5.8.5 Version: 5.8.10 Version: 5.8.11 Version: 5.8.9 Version: 6.1 Version: 6.2 Version: 6.0.1.1 Version: 6.0.10 Version: 6.0.5 Version: 6.0.8 Version: 6.1.2.1 Version: 6.1.5 Version: 6.1.6 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-20369", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-24T15:29:07.120761Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:40:17.553Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:59:42.814Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-nso-ordir-MNM8YqzO", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-ordir-MNM8YqzO", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Network Services Orchestrator", vendor: "Cisco", versions: [ { status: "affected", version: "5.4", }, { status: "affected", version: "5.5", }, { status: "affected", version: "5.6", }, { status: "affected", version: "5.7", }, { status: "affected", version: "5.8", }, { status: "affected", version: "5.1.1.1", }, { status: "affected", version: "5.1.1.3", }, { status: "affected", version: "5.1.2", }, { status: "affected", version: "5.2.0.4", }, { status: "affected", version: "5.2.1", }, { status: "affected", version: "5.2.1.1", }, { status: "affected", version: "5.2.3.2", }, { status: "affected", version: "5.3.1", }, { status: "affected", version: "5.3.4.3", }, { status: "affected", version: "5.4.0.1", }, { status: "affected", version: "5.4.1", }, { status: "affected", version: "5.4.1.1", }, { status: "affected", version: "5.4.2", }, { status: "affected", version: "5.4.3.1", }, { status: "affected", version: "5.4.4.1", }, { status: "affected", version: "5.4.4", }, { status: "affected", version: "5.4.4.3", }, { status: "affected", version: "5.4.3.3", }, { status: "affected", version: "5.4.5.1", }, { status: "affected", version: "5.4.5.2", }, { status: "affected", version: "5.4.5", }, { status: "affected", version: "5.4.6", }, { status: "affected", version: "5.4.7", }, { status: "affected", version: "5.4.7.1", }, { status: "affected", version: "5.5.1", }, { status: "affected", version: "5.5.2", }, { status: "affected", version: "5.5.2.1", }, { status: "affected", version: "5.5.2.3", }, { status: "affected", version: "5.5.2.4", }, { status: "affected", version: "5.5.2.9", }, { status: "affected", version: "5.5.2.10", }, { status: "affected", version: "5.5.3", }, { status: "affected", version: "5.5.2.7", }, { status: "affected", version: "5.5.2.12", }, { status: "affected", version: "5.5.4.1", }, { status: "affected", version: "5.5.3.1", }, { status: "affected", version: "5.5.5", }, { status: "affected", version: "5.5.6", }, { status: "affected", version: "5.5.7", }, { status: "affected", version: "5.5.8", }, { status: "affected", version: "5.6.1", }, { status: "affected", version: "5.6.3", }, { status: "affected", version: "5.6.2", }, { status: "affected", version: "5.6.5", }, { status: "affected", version: "5.6.6", }, { status: "affected", version: "5.6.6.1", }, { status: "affected", version: "5.6.7", }, { status: "affected", version: "5.6.7.1", }, { status: "affected", version: "5.6.8", }, { status: "affected", version: "5.6.8.1", }, { status: "affected", version: "5.6.11", }, { status: "affected", version: "5.6.13", }, { status: "affected", version: "5.6.14", }, { status: "affected", version: "5.6.14.1", }, { status: "affected", version: "5.7.1.1", }, { status: "affected", version: "5.7.1", }, { status: "affected", version: "5.7.2", }, { status: "affected", version: "5.7.2.1", }, { status: "affected", version: "5.7.3", }, { status: "affected", version: "5.7.4", }, { status: "affected", version: "5.7.5", }, { status: "affected", version: "5.7.5.1", }, { status: "affected", version: "5.7.6", }, { status: "affected", version: "5.7.6.2", }, { status: "affected", version: "5.7.8", }, { status: "affected", version: "5.7.10", }, { status: "affected", version: "5.7.10.2", }, { status: "affected", version: "5.7.11", }, { status: "affected", version: "5.7.13", }, { status: "affected", version: "5.7.14", }, { status: "affected", version: "5.7.9", }, { status: "affected", version: "5.7.9.1", }, { status: "affected", version: "5.8.1", }, { status: "affected", version: "5.8.2", }, { status: "affected", version: "5.8.2.1", }, { status: "affected", version: "5.8.5", }, { status: "affected", version: "5.8.10", }, { status: "affected", version: "5.8.11", }, { status: "affected", version: "5.8.9", }, { status: "affected", version: "6.1", }, { status: "affected", version: "6.2", }, { status: "affected", version: "6.0.1.1", }, { status: "affected", version: "6.0.10", }, { status: "affected", version: "6.0.5", }, { status: "affected", version: "6.0.8", }, { status: "affected", version: "6.1.2.1", }, { status: "affected", version: "6.1.5", }, { status: "affected", version: "6.1.6", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\n\r This vulnerability is due to improper input validation of a parameter in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-15T17:23:34.938Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nso-ordir-MNM8YqzO", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-ordir-MNM8YqzO", }, ], source: { advisory: "cisco-sa-nso-ordir-MNM8YqzO", defects: [ "CSCwi31723", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20369", datePublished: "2024-05-15T17:23:34.938Z", dateReserved: "2023-11-08T15:08:07.653Z", dateUpdated: "2024-08-01T21:59:42.814Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-0463 (GCVE-0-2018-0463)
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:39
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. An attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system could exploit this vulnerability. The attacker would need to leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets to an affected system. A successful exploit could allow the attacker to gain unauthorized access to configuration data for devices that will be managed by the NSO system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Network Services Orchestrator |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:28:11.047Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20180905 Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0463", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-25T18:53:26.786615Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-26T14:39:29.333Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Network Services Orchestrator", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. An attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system could exploit this vulnerability. The attacker would need to leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets to an affected system. A successful exploit could allow the attacker to gain unauthorized access to configuration data for devices that will be managed by the NSO system.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-05T13:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20180905 Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis", }, ], source: { advisory: "cisco-sa-20180905-nso-infodis", defect: [ [ "CSCvj50567", "CSCvk74975", ], ], discovery: "UNKNOWN", }, title: "Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2018-09-05T16:00:00-0500", ID: "CVE-2018-0463", STATE: "PUBLIC", TITLE: "Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Network Services Orchestrator", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. An attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system could exploit this vulnerability. The attacker would need to leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets to an affected system. A successful exploit could allow the attacker to gain unauthorized access to configuration data for devices that will be managed by the NSO system.", }, ], }, impact: { cvss: { baseScore: "5.9", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20180905 Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis", }, ], }, source: { advisory: "cisco-sa-20180905-nso-infodis", defect: [ [ "CSCvj50567", "CSCvk74975", ], ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0463", datePublished: "2018-10-05T14:00:00Z", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-26T14:39:29.333Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-20366 (GCVE-0-2024-20366)
Vulnerability from cvelistv5
Published
2024-05-15 17:25
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow an authenticated, local attacker to elevate privileges to root on an affected device.
This vulnerability exists because a user-controlled search path is used to locate executable files. An attacker could exploit this vulnerability by configuring the application in a way that causes a malicious file to be executed. A successful exploit could allow the attacker to execute arbitrary code on an affected device as the root user. To exploit this vulnerability, the attacker would need valid credentials on an affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Network Services Orchestrator |
Version: 5.4 Version: 5.5 Version: 5.6 Version: 5.7 Version: 5.8 Version: 5.1.1.1 Version: 5.1.1.3 Version: 5.1.2 Version: 5.2.0.3 Version: 5.2.0.4 Version: 5.2.1 Version: 5.2.1.1 Version: 5.2.3.2 Version: 5.3.1 Version: 5.3.4.3 Version: 5.4.0.1 Version: 5.4.0.2 Version: 5.4.1 Version: 5.4.1.1 Version: 5.4.2 Version: 5.4.3 Version: 5.4.3.1 Version: 5.4.3.2 Version: 5.4.4.1 Version: 5.4.4 Version: 5.4.4.3 Version: 5.4.3.4 Version: 5.4.4.2 Version: 5.4.3.3 Version: 5.4.5.1 Version: 5.4.2.1 Version: 5.4.5.2 Version: 5.4.5 Version: 5.4.2.2 Version: 5.4.6 Version: 5.4.7 Version: 5.4.7.1 Version: 5.5.1 Version: 5.5.2 Version: 5.5.2.1 Version: 5.5.2.2 Version: 5.5.2.5 Version: 5.5.2.3 Version: 5.5.2.4 Version: 5.5.2.9 Version: 5.5.2.10 Version: 5.5.3 Version: 5.5.2.11 Version: 5.5.2.6 Version: 5.5.2.7 Version: 5.5.2.8 Version: 5.5.2.12 Version: 5.5.4 Version: 5.5.4.1 Version: 5.5.3.1 Version: 5.5.5 Version: 5.5.6 Version: 5.5.6.1 Version: 5.5.7 Version: 5.5.8 Version: 5.5.10 Version: 5.5.9 Version: 5.6.1 Version: 5.6.3 Version: 5.6.3.1 Version: 5.6.2 Version: 5.6.4 Version: 5.6.5 Version: 5.6.6 Version: 5.6.6.1 Version: 5.6.7 Version: 5.6.7.1 Version: 5.6.7.2 Version: 5.6.8 Version: 5.6.8.1 Version: 5.6.9 Version: 5.6.10 Version: 5.6.11 Version: 5.6.12 Version: 5.6.13 Version: 5.6.14 Version: 5.6.14.1 Version: 5.7.1.1 Version: 5.7.1 Version: 5.7.2 Version: 5.7.2.1 Version: 5.7.3 Version: 5.7.4 Version: 5.7.5 Version: 5.7.5.1 Version: 5.7.6 Version: 5.7.6.1 Version: 5.7.6.2 Version: 5.7.7 Version: 5.7.8 Version: 5.7.10 Version: 5.7.10.1 Version: 5.7.10.2 Version: 5.7.11 Version: 5.7.12 Version: 5.7.13 Version: 5.7.14 Version: 5.7.15.1 Version: 5.7.6.3 Version: 5.7.8.1 Version: 5.7.9 Version: 5.7.9.1 Version: 5.8.1 Version: 5.8.2 Version: 5.8.2.1 Version: 5.8.3 Version: 5.8.4 Version: 5.8.5 Version: 5.8.10 Version: 5.8.11 Version: 5.8.12 Version: 5.8.6 Version: 5.8.7 Version: 5.8.8 Version: 5.8.9 Version: 6.0 Version: 6.1 Version: 6.2 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.10 Version: 6.0.11 Version: 6.0.2 Version: 6.0.3 Version: 6.0.4 Version: 6.0.5 Version: 6.0.6 Version: 6.0.7 Version: 6.0.8 Version: 6.0.9 Version: 6.1.1 Version: 6.1.2 Version: 6.1.2.1 Version: 6.1.3 Version: 6.1.3.1 Version: 6.1.3.2 Version: 6.1.4 Version: 6.1.5 Version: 6.1.6 Version: 6.1.6.1 Version: 6.1.7 Version: 6.1.7.1 Version: 6.2.2 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:cisco:network_services_orchestrator:5.1.1.1:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "network_services_orchestrator", vendor: "cisco", versions: [ { lessThanOrEqual: "6.2.2", status: "affected", version: "5.1.1.1", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-20366", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-15T18:43:57.383617Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:40:26.335Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:59:42.835Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-nso-hcc-priv-esc-OWBWCs5D", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-hcc-priv-esc-OWBWCs5D", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Network Services Orchestrator", vendor: "Cisco", versions: [ { status: "affected", version: "5.4", }, { status: "affected", version: "5.5", }, { status: "affected", version: "5.6", }, { status: "affected", version: "5.7", }, { status: "affected", version: "5.8", }, { status: "affected", version: "5.1.1.1", }, { status: "affected", version: "5.1.1.3", }, { status: "affected", version: "5.1.2", }, { status: "affected", version: "5.2.0.3", }, { status: "affected", version: "5.2.0.4", }, { status: "affected", version: "5.2.1", }, { status: "affected", version: "5.2.1.1", }, { status: "affected", version: "5.2.3.2", }, { status: "affected", version: "5.3.1", }, { status: "affected", version: "5.3.4.3", }, { status: "affected", version: "5.4.0.1", }, { status: "affected", version: "5.4.0.2", }, { status: "affected", version: "5.4.1", }, { status: "affected", version: "5.4.1.1", }, { status: "affected", version: "5.4.2", }, { status: "affected", version: "5.4.3", }, { status: "affected", version: "5.4.3.1", }, { status: "affected", version: "5.4.3.2", }, { status: "affected", version: "5.4.4.1", }, { status: "affected", version: "5.4.4", }, { status: "affected", version: "5.4.4.3", }, { status: "affected", version: "5.4.3.4", }, { status: "affected", version: "5.4.4.2", }, { status: "affected", version: "5.4.3.3", }, { status: "affected", version: "5.4.5.1", }, { status: "affected", version: "5.4.2.1", }, { status: "affected", version: "5.4.5.2", }, { status: "affected", version: "5.4.5", }, { status: "affected", version: "5.4.2.2", }, { status: "affected", version: "5.4.6", }, { status: "affected", version: "5.4.7", }, { status: "affected", version: "5.4.7.1", }, { status: "affected", version: "5.5.1", }, { status: "affected", version: "5.5.2", }, { status: "affected", version: "5.5.2.1", }, { status: "affected", version: "5.5.2.2", }, { status: "affected", version: "5.5.2.5", }, { status: "affected", version: "5.5.2.3", }, { status: "affected", version: "5.5.2.4", }, { status: "affected", version: "5.5.2.9", }, { status: "affected", version: "5.5.2.10", }, { status: "affected", version: "5.5.3", }, { status: "affected", version: "5.5.2.11", }, { status: "affected", version: "5.5.2.6", }, { status: "affected", version: "5.5.2.7", }, { status: "affected", version: "5.5.2.8", }, { status: "affected", version: "5.5.2.12", }, { status: "affected", version: "5.5.4", }, { status: "affected", version: "5.5.4.1", }, { status: "affected", version: "5.5.3.1", }, { status: "affected", version: "5.5.5", }, { status: "affected", version: "5.5.6", }, { status: "affected", version: "5.5.6.1", }, { status: "affected", version: "5.5.7", }, { status: "affected", version: "5.5.8", }, { status: "affected", version: "5.5.10", }, { status: "affected", version: "5.5.9", }, { status: "affected", version: "5.6.1", }, { status: "affected", version: "5.6.3", }, { status: "affected", version: "5.6.3.1", }, { status: "affected", version: "5.6.2", }, { status: "affected", version: "5.6.4", }, { status: "affected", version: "5.6.5", }, { status: "affected", version: "5.6.6", }, { status: "affected", version: "5.6.6.1", }, { status: "affected", version: "5.6.7", }, { status: "affected", version: "5.6.7.1", }, { status: "affected", version: "5.6.7.2", }, { status: "affected", version: "5.6.8", }, { status: "affected", version: "5.6.8.1", }, { status: "affected", version: "5.6.9", }, { status: "affected", version: "5.6.10", }, { status: "affected", version: "5.6.11", }, { status: "affected", version: "5.6.12", }, { status: "affected", version: "5.6.13", }, { status: "affected", version: "5.6.14", }, { status: "affected", version: "5.6.14.1", }, { status: "affected", version: "5.7.1.1", }, { status: "affected", version: "5.7.1", }, { status: "affected", version: "5.7.2", }, { status: "affected", version: "5.7.2.1", }, { status: "affected", version: "5.7.3", }, { status: "affected", version: "5.7.4", }, { status: "affected", version: "5.7.5", }, { status: "affected", version: "5.7.5.1", }, { status: "affected", version: "5.7.6", }, { status: "affected", version: "5.7.6.1", }, { status: "affected", version: "5.7.6.2", }, { status: "affected", version: "5.7.7", }, { status: "affected", version: "5.7.8", }, { status: "affected", version: "5.7.10", }, { status: "affected", version: "5.7.10.1", }, { status: "affected", version: "5.7.10.2", }, { status: "affected", version: "5.7.11", }, { status: "affected", version: "5.7.12", }, { status: "affected", version: "5.7.13", }, { status: "affected", version: "5.7.14", }, { status: "affected", version: "5.7.15.1", }, { status: "affected", version: "5.7.6.3", }, { status: "affected", version: "5.7.8.1", }, { status: "affected", version: "5.7.9", }, { status: "affected", version: "5.7.9.1", }, { status: "affected", version: "5.8.1", }, { status: "affected", version: "5.8.2", }, { status: "affected", version: "5.8.2.1", }, { status: "affected", version: "5.8.3", }, { status: "affected", version: "5.8.4", }, { status: "affected", version: "5.8.5", }, { status: "affected", version: "5.8.10", }, { status: "affected", version: "5.8.11", }, { status: "affected", version: "5.8.12", }, { status: "affected", version: "5.8.6", }, { status: "affected", version: "5.8.7", }, { status: "affected", version: "5.8.8", }, { status: "affected", version: "5.8.9", }, { status: "affected", version: "6.0", }, { status: "affected", version: "6.1", }, { status: "affected", version: "6.2", }, { status: "affected", version: "6.0.1", }, { status: "affected", version: "6.0.1.1", }, { status: "affected", version: "6.0.10", }, { status: "affected", version: "6.0.11", }, { status: "affected", version: "6.0.2", }, { status: "affected", version: "6.0.3", }, { status: "affected", version: "6.0.4", }, { status: "affected", version: "6.0.5", }, { status: "affected", version: "6.0.6", }, { status: "affected", version: "6.0.7", }, { status: "affected", version: "6.0.8", }, { status: "affected", version: "6.0.9", }, { status: "affected", version: "6.1.1", }, { status: "affected", version: "6.1.2", }, { status: "affected", version: "6.1.2.1", }, { status: "affected", version: "6.1.3", }, { status: "affected", version: "6.1.3.1", }, { status: "affected", version: "6.1.3.2", }, { status: "affected", version: "6.1.4", }, { status: "affected", version: "6.1.5", }, { status: "affected", version: "6.1.6", }, { status: "affected", version: "6.1.6.1", }, { status: "affected", version: "6.1.7", }, { status: "affected", version: "6.1.7.1", }, { status: "affected", version: "6.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow an authenticated, local attacker to elevate privileges to root on an affected device.\r\n\r This vulnerability exists because a user-controlled search path is used to locate executable files. An attacker could exploit this vulnerability by configuring the application in a way that causes a malicious file to be executed. A successful exploit could allow the attacker to execute arbitrary code on an affected device as the root user. To exploit this vulnerability, the attacker would need valid credentials on an affected device.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-73", description: "External Control of File Name or Path", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-15T17:25:09.258Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nso-hcc-priv-esc-OWBWCs5D", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-hcc-priv-esc-OWBWCs5D", }, ], source: { advisory: "cisco-sa-nso-hcc-priv-esc-OWBWCs5D", defects: [ "CSCwi92920", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20366", datePublished: "2024-05-15T17:25:09.258Z", dateReserved: "2023-11-08T15:08:07.652Z", dateUpdated: "2024-08-01T21:59:42.835Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-20040 (GCVE-0-2023-20040)
Vulnerability from cvelistv5
Published
2023-01-19 01:37
Modified
2024-08-02 08:57
Severity ?
EPSS score ?
Summary
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group.
This vulnerability exists because user-supplied input is not properly validated when NETCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by uploading a specially crafted package file. A successful exploit could allow the attacker to write crafted files to arbitrary locations on the filesystem or delete arbitrary files from the filesystem of an affected device, resulting in a DoS condition.
Note: By default, during install, Cisco NSO will be set up to run as the root user unless the --run-as-user option is used.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Network Services Orchestrator |
Version: 4.7.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.576Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-nso-path-trvsl-zjBeMkZg", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-zjBeMkZg", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Network Services Orchestrator", vendor: "Cisco", versions: [ { status: "affected", version: "4.7.3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group.\r\n\r This vulnerability exists because user-supplied input is not properly validated when NETCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by uploading a specially crafted package file. A successful exploit could allow the attacker to write crafted files to arbitrary locations on the filesystem or delete arbitrary files from the filesystem of an affected device, resulting in a DoS condition. \r\n\r Note: By default, during install, Cisco NSO will be set up to run as the root user unless the --run-as-user option is used.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "Relative Path Traversal", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-25T16:57:36.087Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nso-path-trvsl-zjBeMkZg", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-zjBeMkZg", }, ], source: { advisory: "cisco-sa-nso-path-trvsl-zjBeMkZg", defects: [ "CSCwb11065", ], discovery: "INTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20040", datePublished: "2023-01-19T01:37:34.592Z", dateReserved: "2022-10-27T18:47:50.316Z", dateUpdated: "2024-08-02T08:57:35.576Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2018-06-07 12:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/104449 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104449 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "494774C5-C031-4F0C-BE18-C434E722F1EE", versionEndIncluding: "4.1.6.0", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "504C4F49-BF41-4D8B-9593-E70BC760176E", versionEndIncluding: "4.2.4.0", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "2294CC50-7D2E-4090-B34C-440B95ECAEBD", versionEndIncluding: "4.3.3.0", versionStartIncluding: "4.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "CA1BD2B7-EA58-492E-8EF7-573567B07D93", versionEndIncluding: "4.4.2.0", versionStartIncluding: "4.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.", }, { lang: "es", value: "Una vulnerabilidad en el analizador de la interfaz de línea de comandos de Cisco Network Services Orchestrator (NSO) podría permitir que un atacante remoto autenticado ejecute comandos shell arbitrarios con los privilegios del usuario root. Esta vulnerabilidad se debe a una validación de entradas insuficiente. Un atacante podría explotar esta vulnerabilidad inyectando argumentos maliciosos en comandos vulnerables. Su explotación con éxito podría permitir que el atacante ejecute comandos arbitrarios con privilegios root en el sistema afectado. Esta vulnerabilidad afecta a los siguientes lanzamientos de Cisco Network Services Orchestrator (NSO): 4.1 hasta 4.1.6.0, 4.2 hasta 4.2.4.0, 4.3 hasta 4.3.3.0 y 4.4 hasta 4.4.2.0. Cisco Bug IDs: CSCvf99982.", }, ], id: "CVE-2018-0274", lastModified: "2024-11-21T03:37:52.380", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-07T12:29:00.340", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104449", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-05-15 18:15
Modified
2025-03-25 17:44
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is due to improper input validation of a parameter in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "1FCBFE4C-7560-457B-990F-98D3939A9575", versionEndExcluding: "5.5.10.1", versionStartIncluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "86380E26-8939-4782-BA7B-962C7FEF1C1F", versionEndExcluding: "5.6.14.3", versionStartIncluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "75A785D3-A3BA-4022-AC8E-0D34C1F791D2", versionEndExcluding: "5.7.15", versionStartIncluding: "5.7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "1E96C596-A01A-4FE8-BB16-EA00EC0BA55B", versionEndExcluding: "5.8.13.1", versionStartIncluding: "5.8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "2C3C5673-387F-4BE9-8576-EDF4C4E2FCF1", versionEndExcluding: "6.0.12", versionStartIncluding: "6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "13218AE8-C311-4F8A-B77D-20F396BA82CE", versionEndExcluding: "6.1.7", versionStartIncluding: "6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "415A6033-3676-4F49-A566-06ACF80E52F5", versionEndExcluding: "6.2.2", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\n\r This vulnerability is due to improper input validation of a parameter in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web de Cisco Crosswork Network Services Orchestrator (NSO) podría permitir que un atacante remoto no autenticado redirija a un usuario a una página web maliciosa. Esta vulnerabilidad se debe a una validación de entrada incorrecta de un parámetro en una solicitud HTTP. Un atacante podría aprovechar esta vulnerabilidad persuadiendo a un usuario para que haga clic en un enlace manipulado. Un exploit exitoso podría permitir al atacante redirigir a un usuario a un sitio web malicioso.", }, ], id: "CVE-2024-20369", lastModified: "2025-03-25T17:44:05.317", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-05-15T18:15:09.673", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-ordir-MNM8YqzO", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-ordir-MNM8YqzO", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-20 07:15
Modified
2024-11-21 07:40
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Summary
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group.
This vulnerability exists because user-supplied input is not properly validated when NETCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by uploading a specially crafted package file. A successful exploit could allow the attacker to write crafted files to arbitrary locations on the filesystem or delete arbitrary files from the filesystem of an affected device, resulting in a DoS condition.
Note: By default, during install, Cisco NSO will be set up to run as the root user unless the --run-as-user option is used.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | 5.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "C4BE422F-6650-403F-A560-EBA884C15FAF", versionEndExcluding: "5.4.7", versionStartIncluding: "3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "DB986CDE-4BCD-4A2D-99DB-BE900BA7F58C", versionEndExcluding: "5.5.6", versionStartIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "C5ABFC42-5078-4C13-A912-A83C96E72D05", versionEndExcluding: "5.6.7", versionStartIncluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "93EC0F10-628A-42D7-BC3D-4110FB6F9D53", versionEndExcluding: "5.7.4", versionStartIncluding: "5.7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8:*:*:*:*:*:*:*", matchCriteriaId: "DAF61782-327C-4318-A4D1-DCB18CD835B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group.\r\n\r This vulnerability exists because user-supplied input is not properly validated when NETCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by uploading a specially crafted package file. A successful exploit could allow the attacker to write crafted files to arbitrary locations on the filesystem or delete arbitrary files from the filesystem of an affected device, resulting in a DoS condition. \r\n\r Note: By default, during install, Cisco NSO will be set up to run as the root user unless the --run-as-user option is used.", }, { lang: "es", value: "Una vulnerabilidad en el servicio NETCONF de Cisco Network Services Orchestrator (NSO) podría permitir que un atacante remoto autenticado provoque una denegación de servicio (DoS) en un sistema afectado que se ejecuta como usuario raíz. Para aprovechar esta vulnerabilidad, el atacante debe ser miembro del grupo de administración. Esta vulnerabilidad existe porque la entrada proporcionada por el usuario no se valida correctamente cuando se utiliza NETCONF para cargar paquetes en un dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad cargando un archivo de paquete especialmente manipulado. Un exploit exitoso podría permitir al atacante escribir archivos manipulados en ubicaciones arbitrarias del sistema de archivos o eliminar archivos arbitrarios del sistema de archivos de un dispositivo afectado, lo que resultaría en una condición DoS. Nota: De forma predeterminada, durante la instalación, Cisco NSO se configurará para ejecutarse como usuario raíz a menos que se utilice la opción --run-as-user.", }, ], id: "CVE-2023-20040", lastModified: "2024-11-21T07:40:24.957", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 4.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-20T07:15:15.793", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-zjBeMkZg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-zjBeMkZg", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability by executing a specific sequence of commands on the CLI. A successful exploit could allow the attacker to read configuration information that would normally be accessible to administrators only.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "EBCE3A91-9C74-4B30-9559-6DEBB45F3E5A", versionEndExcluding: "4.7.7.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "41099C1F-E26C-4B42-8F51-4B6727D54246", versionEndExcluding: "5.1.4.2", versionStartIncluding: "5.1.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability by executing a specific sequence of commands on the CLI. A successful exploit could allow the attacker to read configuration information that would normally be accessible to administrators only.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco Network Services Orchestrator (NSO), podría permitir a un atacante local autenticado acceder a información confidencial sobre un dispositivo afectado. La vulnerabilidad es debido a un problema de sincronización en el procesamiento de los comandos de la CLI. Un atacante podría explotar esta vulnerabilidad al ejecutar una secuencia específica de comandos en la CLI. Una explotación con éxito podría permitir al atacante leer la información de configuración que normalmente sería accesible solo para administradores", }, ], id: "CVE-2020-3362", lastModified: "2024-11-21T05:30:52.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:14.607", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-info-disclosure-WdNvBTNq", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-info-disclosure-WdNvBTNq", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-10 10:15
Modified
2025-04-03 20:53
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
References
Impacted products
{ cisaActionDue: "2021-12-24", cisaExploitAdd: "2021-12-10", cisaRequiredAction: "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.", cisaVulnerabilityName: "Apache Log4j2 Remote Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD64FC36-CC7B-4FD7-9845-7EA1DDB0E627", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "CF99FE8F-40D0-48A8-9A40-43119B259535", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0012304-B1C8-460A-B891-42EBF96504F5", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "F3F61BCB-64FA-463C-8B95-8868995EDBC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B02BCF56-D9D3-4BF3-85A2-D445E997F5EC", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "B5A189B7-DDBF-4B84-997F-637CEC5FF12B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A2DB5BA-1065-467A-8FB6-81B5EC29DC0C", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "035AFD6F-E560-43C8-A283-8D80DAA33025", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "809EB87E-561A-4DE5-9FF3-BBEE0FA3706E", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "4594FF76-A1F8-4457-AE90-07D051CD0DCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "03FA5E81-F9C0-403E-8A4B-E4284E4E7B72", versionEndExcluding: "2.3.1", versionStartIncluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "AED3D5EC-DAD5-4E5F-8BBD-B4E3349D84FC", versionEndExcluding: "2.12.2", versionStartIncluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "D31D423D-FC4D-428A-B863-55AF472B80DC", versionEndExcluding: "2.15.0", versionStartIncluding: "2.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*", matchCriteriaId: "17854E42-7063-4A55-BF2A-4C7074CC2D60", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*", matchCriteriaId: "53F32FB2-6970-4975-8BD0-EAE12E9AD03A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*", matchCriteriaId: "B773ED91-1D39-42E6-9C52-D02210DE1A94", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*", matchCriteriaId: "EF24312D-1A62-482E-8078-7EC24758B710", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8320869-CBF4-4C92-885C-560C09855BFA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*", matchCriteriaId: "755BA221-33DD-40A2-A517-8574D042C261", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:capital:*:*:*:*:*:*:*:*", matchCriteriaId: "9AAF12D5-7961-4344-B0CC-BE1C673BFE1F", versionEndExcluding: "2019.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:capital:2019.1:-:*:*:*:*:*:*", matchCriteriaId: "19CB7B44-1877-4739-AECB-3E995ED03FC9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:capital:2019.1:sp1912:*:*:*:*:*:*", matchCriteriaId: "A883D9C2-F2A4-459F-8000-EE288DC0DD17", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*", matchCriteriaId: "9CD4AC6F-B8D3-4588-B3BD-55C9BAF4AAAC", versionEndExcluding: "10.4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:3.0:*:*:*:*:*:*:*", matchCriteriaId: "8AFD64AC-0826-48FB-91B0-B8DF5ECC8775", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB524B33-68E7-46A2-B5CE-BCD9C3194B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*", matchCriteriaId: "5F852C6D-44A0-4CCE-83C7-4501CAD73F9F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*", matchCriteriaId: "AA61161C-C2E7-4852-963E-E2D3DFBFDC7B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*", matchCriteriaId: "A76AA04A-BB43-4027-895E-D1EACFCDF41B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*", matchCriteriaId: "2A6B60F3-327B-49B7-B5E4-F1C60896C9BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*", matchCriteriaId: "4BCF281E-B0A2-49E2-AEF8-8691BDCE08D5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*", matchCriteriaId: "A87EFCC4-4BC1-4FEA-BAA4-8FF221838EBD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*", matchCriteriaId: "B678380B-E95E-4A8B-A49D-D13B62AA454E", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*", matchCriteriaId: "4557476B-0157-44C2-BB50-299E7C7E1E72", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*", matchCriteriaId: "991B2959-5AA3-4B68-A05A-42D9860FAA9D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*", matchCriteriaId: "7E5948A0-CA31-41DF-85B6-1E6D09E5720B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*", matchCriteriaId: "4C08D302-EEAC-45AA-9943-3A5F09E29FAB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*", matchCriteriaId: "D53BA68C-B653-4507-9A2F-177CF456960F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip_prepay:*:*:*:*:*:*:*:*", matchCriteriaId: "536C7527-27E6-41C9-8ED8-564DD0DC4EA0", versionEndExcluding: "3.8.0.12", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0E180527-5C36-4158-B017-5BEDC0412FD6", versionEndExcluding: "8.6.2j-398", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AFDADA98-1CD0-45DA-9082-BFC383F7DB97", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*", matchCriteriaId: "E33D707F-100E-4DE7-A05B-42467DE75EAC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*", matchCriteriaId: "DD3EAC80-44BE-41D2-8D57-0EE3DBA1E1B1", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*", matchCriteriaId: "2AC8AB52-F4F4-440D-84F5-2776BFE1957A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", matchCriteriaId: "6AF6D774-AC8C-49CA-A00B-A2740CA8FA91", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*", matchCriteriaId: "25FADB1B-988D-4DB9-9138-7542AFDEB672", versionEndExcluding: "2021-12-16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*", matchCriteriaId: "48C6A61B-2198-4B9E-8BCF-824643C81EC3", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*", matchCriteriaId: "BEE2F7A1-8281-48F1-8BFB-4FE0D7E1AEF4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", matchCriteriaId: "C07AFA19-21AE-4C7E-AA95-69599834C0EC", versionEndExcluding: "3.5", versionStartIncluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*", matchCriteriaId: "74D1F4AD-9A60-4432-864F-4505B3C60659", versionEndIncluding: "1.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "7ABA5332-8D1E-4129-A557-FCECBAC12827", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*", matchCriteriaId: "9C3AA865-5570-4C8B-99DE-431AD7B163F1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siguard_dsa:*:*:*:*:*:*:*:*", matchCriteriaId: "9A4B950B-4527-491B-B111-046DB1CCC037", versionEndExcluding: "4.4.1", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*", matchCriteriaId: "83E77D85-0AE8-41D6-AC0C-983A8B73C831", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*", matchCriteriaId: "02B28A44-3708-480D-9D6D-DDF8C21A15EC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*", matchCriteriaId: "2FC0A575-F771-4B44-A0C6-6A5FD98E5134", versionEndIncluding: "4.16.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "6D1D6B61-1F17-4008-9DFB-EF419777768E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*", matchCriteriaId: "9772EE3F-FFC5-4611-AD9A-8AD8304291BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*", matchCriteriaId: "CF524892-278F-4373-A8A3-02A30FA1AFF4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*", matchCriteriaId: "F30DE588-9479-46AA-8346-EA433EE83A5F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*", matchCriteriaId: "4941EAD6-8759-4C72-ABA6-259C0E838216", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "5BF2708F-0BD9-41BF-8CB1-4D06C4EFB777", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*", matchCriteriaId: "0762031C-DFF1-4962-AE05-0778B27324B9", versionEndExcluding: "2020", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*", matchCriteriaId: "96271088-1D1B-4378-8ABF-11DAB3BB4DDC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*", matchCriteriaId: "2595AD24-2DF2-4080-B780-BC03F810B9A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*", matchCriteriaId: "88096F08-F261-4E3E-9EEB-2AB0225CD6F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*", matchCriteriaId: "044994F7-8127-4F03-AA1A-B2AB41D68AF5", versionEndExcluding: "4.70", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*", matchCriteriaId: "A6CB3A8D-9577-41FB-8AC4-0DF8DE6A519C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*", matchCriteriaId: "17B7C211-6339-4AF2-9564-94C7DE52EEB7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*", matchCriteriaId: "DBCCBBBA-9A4F-4354-91EE-10A1460BBA3F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", matchCriteriaId: "12F81F6B-E455-4367-ADA4-8A5EC7F4754A", versionEndExcluding: "2.30", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*", matchCriteriaId: "A5EF509E-3799-4718-B361-EFCBA17AEEF3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*", matchCriteriaId: "8CA31645-29FC-4432-9BFC-C98A808DB8CF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*", matchCriteriaId: "BB424991-0B18-4FFC-965F-FCF4275F56C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "1B209EFE-77F2-48CD-A880-ABA0A0A81AB1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*", matchCriteriaId: "72D238AB-4A1F-458D-897E-2C93DCD7BA6C", versionEndExcluding: "2019.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*", matchCriteriaId: "9778339A-EA93-4D18-9A03-4EB4CBD25459", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*", matchCriteriaId: "1747F127-AB45-4325-B9A1-F3D12E69FFC8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*", matchCriteriaId: "18BBEF7C-F686-4129-8EE9-0F285CE38845", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2020.1:-:*:*:*:*:*:*", matchCriteriaId: "264C7817-0CD5-4370-BC39-E1DF3E932E16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2021.1:-:*:*:*:*:*:*", matchCriteriaId: "C7442C42-D493-46B9-BCC2-2C62EAD5B945", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*", matchCriteriaId: "AD525494-2807-48EA-AED0-11B9CB5A6A9B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*", matchCriteriaId: "1EDCBF98-A857-48BC-B04D-6F36A1975AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "12A06BF8-E4DC-4389-8A91-8AC7598E0009", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:datacenter_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EAD1E1F3-F06B-4D17-8854-2CDA7E6D872D", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*", matchCriteriaId: "18989EBC-E1FB-473B-83E0-48C8896C2E96", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*", matchCriteriaId: "EDE66B6C-25E5-49AE-B35F-582130502222", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*", matchCriteriaId: "22BEE177-D117-478C-8EAD-9606DEDF9FD5", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*", matchCriteriaId: "FC619106-991C-413A-809D-C2410EBA4CDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*", matchCriteriaId: "CA7D45EF-18F7-43C6-9B51-ABAB7B0CA3CD", versionEndExcluding: "10.0.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", matchCriteriaId: "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:brocade_san_navigator:-:*:*:*:*:*:*:*", matchCriteriaId: "25FA7A4D-B0E2-423E-8146-E221AE2D6120", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", matchCriteriaId: "26FCA75B-4282-4E0F-95B4-640A82C8E91C", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "197D0D80-6702-4B61-B681-AFDBA7D69067", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "F3A48D58-4291-4D3C-9CEA-BF12183468A7", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*", matchCriteriaId: "D452B464-1200-4B72-9A89-42DC58486191", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire_enterprise_sds:-:*:*:*:*:*:*:*", matchCriteriaId: "5D18075A-E8D6-48B8-A7FA-54E336A434A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "4E52AF19-0158-451B-8E36-02CB6406083F", versionEndExcluding: "3.5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*", matchCriteriaId: "CB21CFB4-4492-4C5D-BD07-FFBE8B5D92B6", versionEndExcluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*", matchCriteriaId: "97426511-9B48-46F5-AC5C-F9781F1BAE2F", versionEndExcluding: "2021.11_1.162", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "82306B9F-AE97-4E29-A8F7-2E5BA52998A7", versionEndExcluding: "3.0.000.115", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "4C903C85-DC0F-47D8-B8BE-7A666877B017", versionEndExcluding: "3.1.000.044", versionStartIncluding: "3.1.000.000", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "E4C6F9E0-5DCE-431D-AE7E-B680AC1F9332", versionEndExcluding: "3.2.000.009", versionStartIncluding: "3.2.000.000", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*", matchCriteriaId: "52CF6199-8028-4076-952B-855984F30129", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "622BB8D9-AC81-4C0F-A5C5-C5E51F0BC0D1", versionEndExcluding: "4.10.0.16", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*", matchCriteriaId: "38FB3CE1-5F62-4798-A825-4E3DB07E868F", versionEndExcluding: "5.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*", matchCriteriaId: "29CDB878-B085-448E-AB84-25B1E2D024F8", versionEndExcluding: "5.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C25FDA96-9490-431F-B8B6-CC2CC272670E", versionEndExcluding: "5.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "51CD9E4C-9385-435C-AD18-6C36C8DF7B65", versionEndExcluding: "2.9.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "FC0AC4C1-CB06-4084-BFBB-5B702C384C53", versionEndExcluding: "2.10.0.1", versionStartIncluding: "2.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*", matchCriteriaId: "3871EBD2-F270-435A-B98C-A282E1C52693", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8D4DF34B-E8C2-41C8-90E2-D119B50E4E7E", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*", matchCriteriaId: "C8EF64DA-73E4-4E5E-8F9A-B837C947722E", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "66E1E4FC-0B6E-4CFA-B003-91912F8785B2", versionEndExcluding: "2.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1B2390C3-C319-4F05-8CF0-0D30F9931507", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "C154491E-06C7-48B0-AC1D-89BBDBDB902E", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1E98EC48-0CED-4E02-9CCB-06EF751F2BDC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C569DC2A-CFF6-4E13-A50C-E215A4F96D99", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "258A51AC-6649-4F67-A842-48A7AE4DCEE1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "8DC22505-DE11-4A1B-8C06-1E306419B031", versionEndExcluding: "4.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9E31AC54-B928-48B5-8293-F5F4A7A8C293", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "5B8AE870-6FD0-40D2-958B-548E2D7A7B75", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "68E7D83B-B6AC-45B1-89A4-D18D7A6018DD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*", matchCriteriaId: "17660B09-47AA-42A2-B5FF-8EBD8091C661", versionEndExcluding: "1.12.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*", matchCriteriaId: "FBEF9A82-16AE-437A-B8CF-CC7E9B6C4E44", versionEndExcluding: "4.0.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "843147AE-8117-4FE9-AE74-4E1646D55642", versionEndExcluding: "11.3\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7EB871C9-CA14-4829-AED3-CC2B35E99E92", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF8A83D-A282-4661-B133-213A8838FB27", versionEndExcluding: "2.1.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "139CDAA5-63E9-4E56-AF72-745BD88E4B49", versionEndExcluding: "2.2.2.8", versionStartIncluding: "2.2.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "01FD99C4-BCB1-417E-ADCE-73314AD2E857", versionEndExcluding: "2.2.3.4", versionStartIncluding: "2.2.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*", matchCriteriaId: "9031BE8A-646A-4581-BDE5-750FB0CE04CB", versionEndExcluding: "2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*", matchCriteriaId: "15BED3E2-46FF-4E58-8C5D-4D8FE5B0E527", versionEndExcluding: "11.5\\(4\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*", matchCriteriaId: "7C950436-2372-4C4B-9B56-9CB48D843045", versionEndExcluding: "12.0\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B61F186-D943-4711-B3E0-875BB570B142", versionEndIncluding: "4.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*", matchCriteriaId: "2A285C40-170D-4C95-8031-2C6E4D5FB1D4", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3C0F02B5-AA2A-48B2-AE43-38B45532C563", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*", matchCriteriaId: "830BDB28-963F-46C3-8D50-638FDABE7F64", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "54553C65-6BFA-40B1-958D-A4E3289D6B1D", versionEndExcluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*", matchCriteriaId: "439948AD-C95D-4FC3-ADD1-C3D241529F12", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*", matchCriteriaId: "9C2002AE-0F3C-4A06-9B9A-F77A9F700EB2", versionEndExcluding: "2.3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "596A986D-E7DC-4FC4-A776-6FE87A91D7E4", versionEndExcluding: "1.0.9-361", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*", matchCriteriaId: "DD93434E-8E75-469C-B12B-7E2B6EDCAA79", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "78684844-4974-41AD-BBC1-961F60025CD2", versionEndExcluding: "6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "3A00D235-FC9C-4EB7-A16C-BB0B09802E61", versionEndExcluding: "5.3.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "C60FDD1B-898E-4FCB-BDE2-45A7CBDBAF4F", versionEndExcluding: "5.4.5.2", versionStartIncluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "E7A33E5F-BBC7-4917-9C63-900248B546D9", versionEndExcluding: "5.5.4.1", versionStartIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "12D98A7C-4992-4E58-A6BD-3D8173C8F2B0", versionEndExcluding: "5.6.3.1", versionStartIncluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*", matchCriteriaId: "E2DDC1AF-31B5-4F05-B84F-8FD23BE163DA", versionEndExcluding: "2.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*", matchCriteriaId: "A4540CF6-D33E-4D33-8608-11129D6591FA", versionEndExcluding: "6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "129A7615-99E7-41F8-8EBC-CEDA10AD89AD", versionEndExcluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "5F46A7AC-C133-442D-984B-BA278951D0BF", versionEndExcluding: "11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A1A75AB6-C3A7-4299-B35A-46A4BCD00816", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*", matchCriteriaId: "0A73E888-C8C2-4AFD-BA60-566D45214BCA", versionEndExcluding: "14.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*", matchCriteriaId: "4B0D0FD0-ABC6-465F-AB8D-FA8788B1B2DD", versionEndExcluding: "12.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "D673F6F7-C42A-4538-96F0-34CB4F0CB080", versionEndExcluding: "20.3.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "FD374819-3CED-4260-90B6-E3C1333EAAD2", versionEndExcluding: "20.4.2.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "D2D89973-94AF-4BE7-8245-275F3FEB30F4", versionEndExcluding: "20.5.1.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "91A9A889-2C2B-4147-8108-C35291761C15", versionEndExcluding: "20.6.2.1", versionStartIncluding: "20.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*", matchCriteriaId: "D0EEA1EC-C63C-4C7D-BFAE-BA4556332242", versionEndExcluding: "3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE22D97-42FA-4179-99E5-C2EE582DB7FF", versionEndExcluding: "2.0\\(1p\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*", matchCriteriaId: "F6B5DB6D-9E7D-4403-8028-D7DA7493716B", versionEndExcluding: "6.8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*", matchCriteriaId: "B98D7AD5-0590-43FB-8AC0-376C9C500C15", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*", matchCriteriaId: "D9DA1900-9972-4DFD-BE2E-74DABA1ED9A9", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "42A41C41-A370-4C0E-A49D-AD42B2F3FB5C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*", matchCriteriaId: "7E958AFF-185D-4D55-B74B-485BEAEC42FD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*", matchCriteriaId: "F770709C-FFB2-4A4E-A2D8-2EAA23F2E87C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*", matchCriteriaId: "B85B81F9-8837-426E-8639-AB0712CD1A96", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*", matchCriteriaId: "C1CCCD27-A247-4720-A2FE-C8ED55D1D0DE", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "34D89C42-AAD9-4B04-9F95-F77681E39553", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "897C8893-B0B6-4D6E-8D70-31B421D80B9A", versionEndExcluding: "11.6\\(2\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "91D62A73-21B5-4D16-A07A-69AED2D40CC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*", matchCriteriaId: "B0492049-D3AC-4512-A4BF-C9C26DA72CB0", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*", matchCriteriaId: "3868A8AA-6660-4332-AB0C-089C150D00E7", versionEndExcluding: "11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*", matchCriteriaId: "58BD72D6-4A79-49C9-9652-AB0136A591FA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*", matchCriteriaId: "A32761FD-B435-4E51-807C-2B245857F90E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*", matchCriteriaId: "154F7F71-53C5-441C-8F5C-0A82CB0DEC43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*", matchCriteriaId: "65FD3873-2663-4C49-878F-7C65D4B8E455", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0886FB04-24AA-4995-BA53-1E44F94E114E", versionEndExcluding: "7.14.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C61805C1-1F73-462C-A9CA-BB0CA4E57D0B", versionEndExcluding: "2.6.7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5EB39834-0F6D-4BD7-AFEC-DD8BEE46DA50", versionEndExcluding: "3.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B78DD21-15F2-47A4-8A99-6DB6756920AC", versionEndExcluding: "3.4.4", versionStartIncluding: "3.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*", matchCriteriaId: "7C6222EB-36E1-4CD5-BD69-5A921ED5DA6A", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C200CABD-F91B-49C4-A262-C56370E44B4C", versionEndExcluding: "7.3.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*", matchCriteriaId: "DE22BE9B-374E-43DC-BA91-E3B9699A4C7C", versionEndExcluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", matchCriteriaId: "61D1081F-87E8-4E8B-BEBD-0F239E745586", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*", matchCriteriaId: "8D138973-02B0-4FEC-A646-FF1278DA1EDF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", matchCriteriaId: "30B55A5B-8C5E-4ECB-9C85-A8A3A3030850", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*", matchCriteriaId: "14DBEC10-0641-441C-BE15-8F72C1762DCE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*", matchCriteriaId: "205C1ABA-2A4F-480F-9768-7E3EC43B03F5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*", matchCriteriaId: "D36FE453-C43F-448B-8A59-668DE95468C0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*", matchCriteriaId: "E8DF0944-365F-4149-9059-BDFD6B131DC5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*", matchCriteriaId: "6B37AA08-13C7-4FD0-8402-E344A270C8F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*", matchCriteriaId: "2AA56735-5A5E-4D8C-B09D-DBDAC2B5C8E9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*", matchCriteriaId: "4646849B-8190-4798-833C-F367E28C1881", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", matchCriteriaId: "4D6CF856-093A-4E89-A71D-50A2887C265B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", matchCriteriaId: "B36A9043-0621-43CD-BFCD-66529F937859", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", matchCriteriaId: "8842B42E-C412-4356-9F54-DFC53B683D3E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*", matchCriteriaId: "D25BC647-C569-46E5-AD45-7E315EBEB784", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B468EDA1-CDEF-44D4-9D62-C433CF27F631", versionEndExcluding: "3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*", matchCriteriaId: "C90C6CD1-4678-4621-866B-F0CE819C8000", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*", matchCriteriaId: "9E4905E2-2129-469C-8BBD-EDA258815E2B", versionEndExcluding: "10.2.1v2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*", matchCriteriaId: "EC86AC6C-7C08-4EB9-A588-A034113E4BB1", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "82C8AD48-0130-4C20-ADEC-697668E2293B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "4E75EF7C-8D71-4D70-91F0-74FC99A90CC3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "2DB7EE7D-8CB4-4804-9F9D-F235608E86E1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*", matchCriteriaId: "77571973-2A94-4E15-AC5B-155679C3C565", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CA405A50-3F31-48ED-9AF1-4B02F5B367DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*", matchCriteriaId: "D3753953-04E8-4382-A6EC-CD334DD83CF4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B4A5F89F-1296-4A0F-A36D-082A481F190F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F50F48AF-44FF-425C-9685-E386F956C901", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*", matchCriteriaId: "A4D28E76-56D4-4C9A-A660-7CD7E0A1AC9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*", matchCriteriaId: "CD975A0E-00A6-475E-9064-1D64E4291499", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*", matchCriteriaId: "2E50AC21-DA54-4BC8-A503-1935FD1714C7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*", matchCriteriaId: "4D05E169-4AF1-4127-A917-056EC2CE781B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8AD415A2-422E-4F15-A177-C3696FEAFF0C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*", matchCriteriaId: "134443B7-7BA8-4B50-8874-D4BF931BECFD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "73ADF6EA-CD29-4835-8D72-84241D513AFF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*", matchCriteriaId: "BAC1A386-04C7-45B2-A883-1CD9AB60C14B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*", matchCriteriaId: "3F0F1639-D69E-473A-8926-827CCF73ACC9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*", matchCriteriaId: "F4FDF900-E9D6-454A-BF6B-821620CA59F4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*", matchCriteriaId: "1859BD43-BA2B-45A5-B523-C6BFD34C7B01", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*", matchCriteriaId: "1EBC145C-9A2F-4B76-953E-0F690314511C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*", matchCriteriaId: "158B7A53-FEC1-4B42-A1E2-E83E99564B07", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*", matchCriteriaId: "3A378971-1A08-4914-B012-8E24DCDEFC68", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*", matchCriteriaId: "4E5CC012-DC85-481A-B82A-9323C19674DA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*", matchCriteriaId: "76CF59ED-685D-46CD-80A2-AEDA4F03FE53", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*", matchCriteriaId: "960B07C0-E205-47E7-B578-46A0AF559D04", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*", matchCriteriaId: "A1A194E1-405E-47FA-8CDF-58EB78883ACC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*", matchCriteriaId: "2E628231-61FB-40AF-A20B-00F5CB78E63B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*", matchCriteriaId: "2EA25E92-2C76-4722-BA06-53F33C0D961C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*", matchCriteriaId: "51D2940A-0D03-415B-B72E-1F6862DDAC41", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*", matchCriteriaId: "8B346ADC-00BE-4409-B658-A11351D2A7D4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*", matchCriteriaId: "5A0E44A9-C427-493B-868A-8A8DA405E759", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*", matchCriteriaId: "B2B31E7C-0EB3-4996-8859-DF94A3EE20B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*", matchCriteriaId: "3EAB3E03-275F-4942-9396-FC7A22F42C8D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*", matchCriteriaId: "19DAD751-D170-4914-BAB2-6054DFEEF404", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "2F429F37-3576-4D8A-9901-359D65EC3CF4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F526DEF1-4A3E-4FE1-8153-E9252DAE5B92", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C19679D0-F4DC-4130-AFFD-692E5130531A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "60D2FBF3-D8AB-41F0-B170-9E56FBF7E2F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F60324DD-8450-4B14-A7A1-0D5EA5163580", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*", matchCriteriaId: "12F6DFD1-273B-4292-A22C-F2BE0DD3FB3F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "13EA024C-97A4-4D33-BC3E-51DB77C51E76", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "85289E35-C7C2-46D0-9BDC-10648DD2C86F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*", matchCriteriaId: "17282822-C082-4FBC-B46D-468DCF8EF6B8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*", matchCriteriaId: "F5463DA6-5D44-4C32-B46C-E8A2ADD7646B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "54A237CF-A439-4114-AF81-D75582F29573", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*", matchCriteriaId: "A37D19BF-E4F5-4AF4-8942-0C3B62C4BF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*", matchCriteriaId: "EF25688B-6659-4C7C-866D-79AA1166AD7A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*", matchCriteriaId: "47B70741-90D9-4676-BF16-8A21E147F532", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "ED862A1B-E558-4D44-839C-270488E735BB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2678AF98-1194-4810-9933-5BA50E409F88", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "37E7DEBD-9E47-4D08-86BC-D1B013450A98", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "1A935862-18F7-45FE-B647-1A9BA454E304", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*", matchCriteriaId: "69594997-2568-4C10-A411-69A50BFD175F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*", matchCriteriaId: "1EC39E2D-C47B-4311-BC7B-130D432549F4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*", matchCriteriaId: "460E6456-0E51-45BC-868E-DEEA5E3CD366", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*", matchCriteriaId: "F7F58659-A318-42A0-83C5-8F09FCD78982", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*", matchCriteriaId: "D8A49E46-8501-4697-A17A-249A7D9F5A0B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*", matchCriteriaId: "5D81E7A9-0C2B-4603-91F0-ABF2380DBBA3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "4DFCE723-9359-40C7-BA35-B71BDF8E3CF3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*", matchCriteriaId: "28B1524E-FDCA-4570-86DD-CE396271B232", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*", matchCriteriaId: "74DC6F28-BFEF-4D89-93D5-10072DAC39C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*", matchCriteriaId: "BA1D60D7-1B4A-4EEE-A26C-389D9271E005", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "1D726F07-06F1-4B0A-B010-E607E0C2A280", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*", matchCriteriaId: "41E168ED-D664-4749-805E-77644407EAFE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DCD69468-8067-4A5D-B2B0-EC510D889AA0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", matchCriteriaId: "85F22403-B4EE-4303-9C94-915D3E0AC944", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BBCA75A6-0A3E-4393-8884-9F3CE190641E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "D619BF54-1BA9-45D0-A876-92D7010088A0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*", matchCriteriaId: "808F8065-BD3A-4802-83F9-CE132EDB8D34", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*", matchCriteriaId: "B236B13E-93B9-424E-926C-95D3DBC6CA5D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*", matchCriteriaId: "8A63CC83-0A6E-4F33-A1BE-214A33B51518", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*", matchCriteriaId: "37DB7759-6529-46DE-B384-10F060D86A97", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*", matchCriteriaId: "8C640AD9-146E-488A-B166-A6BB940F97D3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*", matchCriteriaId: "DAC1FA7E-CB1B-46E5-A248-ABACECFBD6E8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*", matchCriteriaId: "7C3BD5AF-9FC1-494B-A676-CC3D4B8EAC8D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F477CACA-2AA0-417C-830D-F2D3AE93153A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*", matchCriteriaId: "7E3BE5E1-A6B6-46C7-B93B-8A9F5AEA2731", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*", matchCriteriaId: "04E0BB7B-0716-4DBD-89B9-BA11AAD77C00", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*", matchCriteriaId: "64C98A76-0C31-45E7-882B-35AE0D2C5430", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "379F8D86-BE87-4250-9E85-494D331A0398", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "71F69E51-E59D-4AE3-B242-D6D2CFDB3F46", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "578DA613-8E15-4748-A4B7-646415449609", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "544EFAD6-CE2F-4E1D-9A00-043454B72889", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2E16DF9C-3B64-4220-82B6-6E20C7807BAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B9CD5B8A-9846-48F1-9495-77081E44CBFC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "68E6CD49-6F71-4E17-B046-FBE91CE91CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0BDD8018-7E77-4C89-917E-ACDC678A7DE2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*", matchCriteriaId: "A7D39156-A47D-405E-8C02-CAE7D637F99A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "5426FC59-411D-4963-AFEF-5B55F68B8958", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*", matchCriteriaId: "810E9A92-4302-4396-94D3-3003947DB2A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "522C36A5-7520-4368-BD92-9AB577756493", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CB2EC4BE-FFAF-4605-8A96-2FEF35975540", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CA1D3C2A-E5FA-400C-AC01-27A3E5160477", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63B27050-997B-4D54-8E5A-CE9E33904318", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "5ABF05B8-1B8A-4CCF-A1AD-D8602A247718", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2F74580D-0011-4ED9-9A00-B4CDB6685154", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "17A3C22E-1980-49B6-8985-9FA76A77A836", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B1AB42DC-CE58-448A-A6B5-56F31B15F4A0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*", matchCriteriaId: "9DC32B55-0C76-4669-8EAD-DCC16355E887", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*", matchCriteriaId: "6CDA737F-337E-4C30-B68D-EF908A8D6840", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*", matchCriteriaId: "9DC5A89C-CCCF-49EC-B4FC-AB98ACB79233", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*", matchCriteriaId: "4BA4F513-CBA1-4523-978B-D498CEDAE0CF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*", matchCriteriaId: "6C53C6FD-B98E-4F7E-BA4D-391C90CF9E83", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*", matchCriteriaId: "D00F6719-2C73-4D8D-8505-B9922E8A4627", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*", matchCriteriaId: "EFE9210F-39C5-4828-9608-6905C1D378D4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*", matchCriteriaId: "A1CEDCE4-CFD1-434B-B157-D63329CBA24A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*", matchCriteriaId: "33660EB8-2984-4258-B8AD-141B7065C85E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*", matchCriteriaId: "0ACA346D-5103-47F0-8BD9-7A8AD9B92E98", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A38BDF03-23C8-4BB6-A44D-68818962E7CB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*", matchCriteriaId: "3104C099-FEDA-466B-93CC-D55F058F7CD3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "890EA1C7-5990-4C71-857F-197E6F5B4089", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*", matchCriteriaId: "56F21CF4-83FE-4529-9871-0FDD70D3095E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9331834-9EAD-46A1-9BD4-F4027E49D0C3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "0E707E44-12CD-46C3-9124-639D0265432E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2FEE8482-DB64-4421-B646-9E5F560D1712", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4385CE6E-6283-4621-BBD9-8E66E2A34843", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "9A6CDBD4-889B-442D-B272-C8E9A1B6AEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "FF1E59F9-CF4F-4EFB-872C-5F503A04CCF4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "1782219F-0C3D-45B7-80C7-D1DAA70D90B1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "DDAB3BAD-1EC6-4101-A58D-42DA48D04D0C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "8F7AA674-6BC2-490F-8D8A-F575B11F4BE0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "6945C4DE-C070-453E-B641-2F5B9CFA3B6D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "DAB8C7C0-D09B-4232-A88E-57D25AF45457", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*", matchCriteriaId: "ACEDB7B4-EBD4-4A37-9EE3-07EE3B46BE44", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*", matchCriteriaId: "820D579C-AA45-4DC1-945A-748FFCD51CA2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*", matchCriteriaId: "7B23A9A6-CD04-4D76-BE3F-AFAFBB525F5E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*", matchCriteriaId: "A44E6007-7A3A-4AD3-9A65-246C59B73FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*", matchCriteriaId: "3D508E51-4075-4E34-BB7C-65AF9D56B49F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "376D06D5-D68E-4FF0-97E5-CBA2165A05CF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*", matchCriteriaId: "18ED6B8F-2064-4BBA-A78D-4408F13C724D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*", matchCriteriaId: "94091FE3-AB88-4CF5-8C4C-77B349E716A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "91D62A73-21B5-4D16-A07A-69AED2D40CC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "53F1314A-9A2C-43DC-8203-E4654EF013CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0ADE468B-8F0C-490D-BB4C-358D947BA8E4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "32FEE78D-309E-491D-9AB6-98005F1CBF49", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "878D9901-675D-4444-B094-0BA505E7433F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "66E25EE4-AB7B-42BF-A703-0C2E83E83577", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*", matchCriteriaId: "D8F35520-F04A-4863-A1BC-0EDD2D1804F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "EF9855FD-7747-4D9E-9542-703B1EC9A382", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E07AF386-D8A5-44F5-A418-940C9F88A36A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "113C77DA-AC22-4D67-9812-8510EFC0A95F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4BE221AB-A3B0-4CFF-9BC0-777773C2EF63", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "15941265-1E7E-4C3E-AF1D-027C5E0D3141", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "54AA2B0C-92A1-4B53-88D7-6E31120F5041", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F9BD7207-85FB-4484-8720-4D11F296AC10", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "62E009C4-BE3E-4A14-91EF-8F667B2220A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*", matchCriteriaId: "088512E1-434D-4685-992E-192A98ECAD9A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*", matchCriteriaId: "50A7BBC6-077C-4182-AA7A-577C4AAC3CD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*", matchCriteriaId: "E0536F45-3A49-4F93-942E-AF679DFC7017", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*", matchCriteriaId: "3D54794B-6CD5-46D7-B9E9-62A642143562", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*", matchCriteriaId: "BE844DCA-FF52-43F5-BDD9-836A812A8CFF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*", matchCriteriaId: "07B261EB-CA63-4796-BD15-A6770FD68B34", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*", matchCriteriaId: "29F9067A-B86C-4A6B-ACB7-DB125E04B795", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*", matchCriteriaId: "FAC4CC92-8BA0-4D96-9C48-5E311CDED53F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*", matchCriteriaId: "8F2437A5-217A-4CD1-9B72-A31BDDC81F42", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*", matchCriteriaId: "9C3CFF0D-BD70-4353-AE2F-6C55F8DE56A2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*", matchCriteriaId: "2CE47760-0E71-4FCA-97D1-CF0BB71CAC17", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*", matchCriteriaId: "89B2D4F5-CB86-4B25-8C14-CED59E8A3F22", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*", matchCriteriaId: "B150B636-6267-4504-940F-DC37ABEFB082", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*", matchCriteriaId: "D00B9911-A7CA-467E-B7A3-3AF31828D5D9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*", matchCriteriaId: "B67C08C3-412F-4B7F-B98C-EEAEE77CBE4B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*", matchCriteriaId: "6D428C9B-53E1-4D26-BB4D-57FDE02FA613", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "CDB41596-FACF-440A-BB6C-8CAD792EC186", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D8C88EE2-5702-4E8B-A144-CB485435FD62", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "1BC62844-C608-4DB1-A1AD-C1B55128C560", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*", matchCriteriaId: "EFF2FFA4-358A-4F33-BC67-A9EF8A30714E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*", matchCriteriaId: "53C0BBDE-795E-4754-BB96-4D6D4B5A804F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7A41E377-16F9-423F-8DC2-F6EDD54E1069", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*", matchCriteriaId: "F0C2789E-255B-45D9-9469-B5B549A01F53", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EFAFEC61-2128-4BFA-992D-54742BD4911A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F12AF70E-2201-4F5D-A929-A1A057B74252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*", matchCriteriaId: "A2CBCDC4-02DF-47F4-A01C-7CBCB2FF0163", versionEndExcluding: "8.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C42D44C8-9894-4183-969B-B38FDA1FEDF9", versionEndExcluding: "3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*", matchCriteriaId: "452D8730-F273-4AB4-9221-E82EC2CAAFD8", versionEndExcluding: "6.2.4.2", versionStartIncluding: "6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*", matchCriteriaId: "F2EF5054-EECB-4489-B27A-AACB96B25B97", versionEndExcluding: "6.4.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*", matchCriteriaId: "16E0A04D-30BE-4AB3-85A1-13AF614C425C", versionEndIncluding: "7.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", matchCriteriaId: "E0755E91-2F36-4EC3-8727-E8BF0427E663", versionEndExcluding: "13.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.", }, { lang: "es", value: "Las características JNDI de Apache Log4j2 2.0-beta9 hasta 2.15.0 (excluyendo las versiones de seguridad 2.12.2, 2.12.3 y 2.3.1) utilizadas en la configuración, los mensajes de registro y los parámetros no protegen contra LDAP controlado por un atacante y otros puntos finales relacionados con JNDI. Un atacante que pueda controlar los mensajes de registro o los parámetros de los mensajes de registro puede ejecutar código arbitrario cargado desde servidores LDAP cuando la sustitución de la búsqueda de mensajes está habilitada. A partir de la versión 2.15.0 de log4j, este comportamiento ha sido deshabilitado por defecto. A partir de la versión 2.16.0 (junto con las versiones 2.12.2, 2.12.3 y 2.3.1), esta funcionalidad se ha eliminado por completo. Tenga en cuenta que esta vulnerabilidad es específica de log4j-core y no afecta a log4net, log4cxx u otros proyectos de Apache Logging Services", }, ], id: "CVE-2021-44228", lastModified: "2025-04-03T20:53:22.977", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-12-10T10:15:09.143", references: [ { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", "Broken Link", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { source: "security@apache.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://github.com/cisagov/log4j-affected-db", }, { source: "security@apache.org", tags: [ "Broken Link", "Product", "US Government Resource", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { source: "security@apache.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213189", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Broken Link", "Exploit", "Third Party Advisory", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", "Broken Link", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/cisagov/log4j-affected-db", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Product", "US Government Resource", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Exploit", "Third Party Advisory", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-400", }, { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Primary", }, { description: [ { lang: "en", value: "CWE-917", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-11 17:15
Modified
2024-10-08 21:43
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.
This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B2FD2C84-CD64-4C1C-BC38-2F7A2A6EEF45", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2DE98B34-501B-449A-843A-58F297EDBE1B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*", matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.15:*:*:*:*:*:*:*", matchCriteriaId: "582B1A3D-68F5-4047-98B2-FEC2A9569828", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.25:*:*:*:*:*:*:*", matchCriteriaId: "EDAABB7C-DD62-418F-9CD3-B868913453AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.26:*:*:*:*:*:*:*", matchCriteriaId: "DECAACAE-0DFF-43CE-83AF-84FEABAB2CAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.28:*:*:*:*:*:*:*", matchCriteriaId: "4B9EE8F5-2F17-45E8-91BD-9DB5EE97B0CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.29:*:*:*:*:*:*:*", matchCriteriaId: "C3C1199B-57C2-4076-A612-5F75AE46B3D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.31:*:*:*:*:*:*:*", matchCriteriaId: "6CB20C4D-F8AD-4887-8B73-07495439BA3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.32:*:*:*:*:*:*:*", matchCriteriaId: "EE3676F8-475D-4C5D-A932-633E55A1C115", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.33:*:*:*:*:*:*:*", matchCriteriaId: "13E2915D-36F8-4AFE-A2E0-59A8DF87A101", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.90:*:*:*:*:*:*:*", matchCriteriaId: "2F6FF116-1FFB-4960-942E-A1A16ACEA7F0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.92:*:*:*:*:*:*:*", matchCriteriaId: "6CFC77F8-4131-42E1-93A4-13149BDCDC1D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.93:*:*:*:*:*:*:*", matchCriteriaId: "676F3DD0-6081-4C37-8E4F-210BC59C3C09", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*", matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:*:*", matchCriteriaId: "36944A2B-E4F5-41DE-AC4D-55BFA603BE5E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.4:*:*:*:*:*:*:*", matchCriteriaId: "4E6EA55E-05BA-483F-AAE1-DD573D22D6A9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.11:*:*:*:*:*:*:*", matchCriteriaId: "BC51CBC1-3303-43EF-B617-AD0C59E36000", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.12:*:*:*:*:*:*:*", matchCriteriaId: "C710E576-B368-41C9-88A8-75D88E00F4B4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*", matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DB06AB15-7F91-4B17-BBBD-AC4E4D1EBF9E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.7.2:*:*:*:*:*:*:*", matchCriteriaId: "D1D7FA61-7D81-4FF3-827C-A97D35AB541B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.7.3:*:*:*:*:*:*:*", matchCriteriaId: "870B498C-3358-4EC0-B75A-B9A5D1DD40DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.7.4:*:*:*:*:*:*:*", matchCriteriaId: "95BB2A02-11B4-48C1-97D7-25A9DF28ABB2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.7.35:*:*:*:*:*:*:*", matchCriteriaId: "A5CEC350-6245-453D-BB6D-79D444E1A5FA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.8.1:*:*:*:*:*:*:*", matchCriteriaId: "004286E0-375F-4385-87EB-0C74BD9CAF6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.8.2:*:*:*:*:*:*:*", matchCriteriaId: "1B255442-4F12-41A1-8050-B805AAE65947", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.9.1:*:*:*:*:*:*:*", matchCriteriaId: "89FBA2B4-490F-4A00-8967-063F91F197E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:6.9.2:*:*:*:*:*:*:*", matchCriteriaId: "93125F1D-0CE5-423F-A73E-46F2A91E5FC2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "00D33162-F298-4B99-A3D4-283A2A4FA091", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:*:*", matchCriteriaId: "5F70AB37-3C0B-40A8-BC37-5A79DA5F45F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.11:*:*:*:*:*:*:*", matchCriteriaId: "921B3622-76A3-4D9F-936C-25A965CE1A0E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.12:*:*:*:*:*:*:*", matchCriteriaId: "56092600-ABD2-4703-BA00-9DD0AE09B46D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.14:*:*:*:*:*:*:*", matchCriteriaId: "C4B7EEF2-9B6A-43FC-8DBE-F82B8E01BCAE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.90:*:*:*:*:*:*:*", matchCriteriaId: "2E5C0909-27D8-4B6E-A644-9B8ADFA24266", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E90BEFD1-AAA5-4D39-A180-4B5ED3427AFC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.1.2:*:*:*:*:*:*:*", matchCriteriaId: "8B842317-A5DB-4890-948A-DD26B7AE2540", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.1.3:*:*:*:*:*:*:*", matchCriteriaId: "00EA89C8-AAE8-48F1-91E4-7AE46083A802", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.1.15:*:*:*:*:*:*:*", matchCriteriaId: "48928FFF-871C-4C07-8352-8C802FAD8F53", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.1.25:*:*:*:*:*:*:*", matchCriteriaId: "06FDB11D-C54D-4654-8142-B50D306A6A28", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "84BABFE7-1350-4FB0-B9ED-5F08E386BC40", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "B7FE3667-1B5E-48FB-B3BB-1C1854FFEE72", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "2B0370A9-E422-4109-81A3-DE2118A20827", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.2.12:*:*:*:*:*:*:*", matchCriteriaId: "3E20F814-87D4-41A5-B0A0-30AC6C6F2BB8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.1:*:*:*:*:*:*:*", matchCriteriaId: "82CD7F68-9569-43F4-88ED-96F9A15C065D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.2:*:*:*:*:*:*:*", matchCriteriaId: "D2C4C062-F816-41FE-ADAD-F994F4FA4A07", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.3:*:*:*:*:*:*:*", matchCriteriaId: "A07E9C56-D143-45FA-99FF-30F54A828BF6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.4:*:*:*:*:*:*:*", matchCriteriaId: "F406EAA7-0607-419F-97E3-7ACEC8A3FA5B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.5:*:*:*:*:*:*:*", matchCriteriaId: "DB9D0641-28F8-4CCB-AEC3-205409D1704A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.6:*:*:*:*:*:*:*", matchCriteriaId: "1ECA7B4C-8FDD-4053-B37B-E5E0969C0CB4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.15:*:*:*:*:*:*:*", matchCriteriaId: "D21DEFD5-EC43-496B-BBE1-C71C6055BC04", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.16:*:*:*:*:*:*:*", matchCriteriaId: "83150BDE-63B7-4B36-8584-E2E950E878CE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.3.27:*:*:*:*:*:*:*", matchCriteriaId: "8511927B-4297-47BA-BC02-6250BC40DF2B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.4.1:*:*:*:*:*:*:*", matchCriteriaId: "40C6D7C4-A5D9-4365-9664-EF35586925AA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.4.2:*:*:*:*:*:*:*", matchCriteriaId: "EC41A004-2029-4E22-A88F-2B93D9786B6C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.4.15:*:*:*:*:*:*:*", matchCriteriaId: "2E19F529-B25B-4B4B-879B-872D45C7C3B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.4.16:*:*:*:*:*:*:*", matchCriteriaId: "D501F5A6-4E23-4A9F-A550-37BB94691687", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.5.1:*:*:*:*:*:*:*", matchCriteriaId: "57F7D7FD-24A8-4DD4-8280-A18244059F34", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.5.2:*:*:*:*:*:*:*", matchCriteriaId: "7A7448D1-BC19-45AB-BF6F-3434F8CA2CC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.5.3:*:*:*:*:*:*:*", matchCriteriaId: "7A057808-1BCA-4C7C-A2D9-0BD5B09D20F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.5.4:*:*:*:*:*:*:*", matchCriteriaId: "A7D09FC0-73C5-4F7A-8013-0B0E5CC834FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.5.5:*:*:*:*:*:*:*", matchCriteriaId: "DFA4A8AF-348D-4F90-B1CB-AE784E0A6EBE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.5.12:*:*:*:*:*:*:*", matchCriteriaId: "23A66FF7-9BAB-40DA-8B90-C3C271D7E893", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.5.52:*:*:*:*:*:*:*", matchCriteriaId: "88776859-57A0-4422-8D23-A09D64E72F63", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.6.1:*:*:*:*:*:*:*", matchCriteriaId: "6C95648D-A37A-446B-B106-12612C00A34D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.6.2:*:*:*:*:*:*:*", matchCriteriaId: "4DF31489-C029-4D4C-8401-26873FC469E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.6.3:*:*:*:*:*:*:*", matchCriteriaId: "2F79CAFA-73B0-4589-9938-B7898071279C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.6.15:*:*:*:*:*:*:*", matchCriteriaId: "43AA14EF-3240-442E-935A-DF455FB107D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1807BE16-BAA9-4BC6-B98A-13D584A12821", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.7.2:*:*:*:*:*:*:*", matchCriteriaId: "375746CB-695E-4019-89C9-42ED37A5E958", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.7.21:*:*:*:*:*:*:*", matchCriteriaId: "CE7D05C0-4065-448B-AAC6-F29E379F3DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.8.1:*:*:*:*:*:*:*", matchCriteriaId: "D8ADA2B1-FD5A-4900-953B-30951C8EF9AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.8.2:*:*:*:*:*:*:*", matchCriteriaId: "9B4C7223-3EFB-48C2-BE22-941F60826D0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.8.12:*:*:*:*:*:*:*", matchCriteriaId: "9A14959D-63E1-4B5A-BB7F-A9A2AF3F1137", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.8.22:*:*:*:*:*:*:*", matchCriteriaId: "4EE83701-C0B7-4ED2-866B-44B7F54FCA0F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.9.1:*:*:*:*:*:*:*", matchCriteriaId: "164B241C-397A-4921-BC5B-F928A21E91C2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.9.2:*:*:*:*:*:*:*", matchCriteriaId: "FAD3875D-D283-4961-BE31-750FDF9CDF56", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.9.21:*:*:*:*:*:*:*", matchCriteriaId: "87EF9DC5-4BE2-429D-B9BA-EF9F29E7E0F7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.10.1:*:*:*:*:*:*:*", matchCriteriaId: "BAEC28C0-8091-49F9-88D1-CB96234BF52A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.10.2:*:*:*:*:*:*:*", matchCriteriaId: "E1ED2B72-A65C-47E4-87B3-D83F29428396", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.11.1:*:*:*:*:*:*:*", matchCriteriaId: "8904CAA5-4E01-462C-AE57-067902CD95FC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:7.11.2:*:*:*:*:*:*:*", matchCriteriaId: "7750EA99-EC55-4F94-8730-18583647BBBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:24.1.1:*:*:*:*:*:*:*", matchCriteriaId: "BCE8E968-111F-4F57-93D3-E509AB540B87", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:24.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B342A550-8600-45CF-8B9A-530770C9A0F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:24.2.1:*:*:*:*:*:*:*", matchCriteriaId: "D64E1C4D-46B0-4A18-B8EE-BEA732CBF1F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:24.2.11:*:*:*:*:*:*:*", matchCriteriaId: "11288A28-F0CF-4FEC-A0B7-3D93866F01FE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "E443700B-7420-4959-8781-29A961DE3144", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:4.5.1:*:*:*:*:*:*:*", matchCriteriaId: "6A41FC95-2C56-41FE-9C1B-853E7D685024", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:4.7.1:*:*:*:*:*:*:*", matchCriteriaId: "C41EF180-BDD5-459B-A3FA-3A34E34A8672", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:4.7.3:*:*:*:*:*:*:*", matchCriteriaId: "2714BDA1-C8C6-46FB-9467-8AE2E4545753", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "6E525F90-EC23-4625-9A9F-0A924D0C4D6F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "F07294F0-BDB0-426B-8C37-737C9EB4E605", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "4DF1323A-CD68-4CD9-A8D8-7966399DB432", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "3E2331E2-7ED7-49A4-93DE-A7D3D5E63CA7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.2.0.3:*:*:*:*:*:*:*", matchCriteriaId: "4FC7C531-EB15-48CB-B38E-2BA17D6637FF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "A6BCD116-1AE8-4DA4-9B64-B552EFF23C2C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "413626AE-64BD-4A3D-8D59-ADD65EFCCA44", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "3A71B27F-1A89-4E35-BA75-695DE524B4C5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.2.3.2:*:*:*:*:*:*:*", matchCriteriaId: "C6E8040D-FA4A-44BD-BD20-2A76CC6507AF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "765BBD25-32E8-486B-8380-67A5424E4943", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.3.4.3:*:*:*:*:*:*:*", matchCriteriaId: "B6CCEB57-23E8-455F-A2EC-2C4478E1CCE7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4:*:*:*:*:*:*:*", matchCriteriaId: "F53CA675-2B6A-4AF0-B47A-9CF131914D08", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F1E3B6-75B4-4A65-A94C-14A5BE5D646E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "F91B24FC-A609-4EE9-8D34-CD1B299E7B31", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "8F4C10EB-D35C-4A89-98A8-91AE7294A704", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "802BC39C-C12B-457F-9146-6714EB3A6B65", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "FA6BBC9B-3CF2-4FCC-B05E-9CCFEAEB0444", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "D2DF3DDC-D4DE-4C57-A268-3F76D5C187AA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.2.2:*:*:*:*:*:*:*", matchCriteriaId: "82400920-83E5-4CEA-B82C-3565F51A8AA2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.3:*:*:*:*:*:*:*", matchCriteriaId: "2D60C892-4637-4C1D-A409-D387293148E6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "A58DBD73-7EB9-4037-9958-AB86B1B89FF2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "0B54847A-2DDA-4732-83CA-A7C5B712F8D3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "9B8EDA7A-2225-434C-92FB-46811B86E8AB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.3.4:*:*:*:*:*:*:*", matchCriteriaId: "156A30C4-43FE-4FEB-B02E-091D52219FF4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.4:*:*:*:*:*:*:*", matchCriteriaId: "CD917986-623C-40F0-9259-7C1C8DAB7FE7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "A252665A-9552-4E5A-8E2D-91367935243A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "6EEC76C9-943E-493D-8CB3-52CFF1A72B33", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.4.3:*:*:*:*:*:*:*", matchCriteriaId: "06CAC133-30EF-46B7-891A-A9BB491A28BC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.5:*:*:*:*:*:*:*", matchCriteriaId: "5F0610DF-ED6B-4CE0-B370-BBB0E304F4EA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.5.1:*:*:*:*:*:*:*", matchCriteriaId: "4B0392BF-9CE5-4100-B693-63396A0B4B43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.5.2:*:*:*:*:*:*:*", matchCriteriaId: "AEBF62D1-DF1B-4AF6-BC49-AB9466308EB7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.6:*:*:*:*:*:*:*", matchCriteriaId: "BF057C73-364F-4F2D-962B-2AA1D85ED7AB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.7:*:*:*:*:*:*:*", matchCriteriaId: "D8DBC58D-9DCD-42A5-99D6-07D3596795A2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.4.7.1:*:*:*:*:*:*:*", matchCriteriaId: "B8E6BA26-1B17-4E73-A296-F54961B0ACF0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5:*:*:*:*:*:*:*", matchCriteriaId: "9F85FA2F-AEBF-4E2C-957E-DE7A9A1C02EF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "BB4824C6-B348-44B9-A8AD-CAC1F6A563CD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "3ABACE44-9BAE-4095-9295-91C07DBE595D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "64EB1AD9-9113-4B16-AE62-C0F0DFBEB018", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "23CE49FB-254A-4E44-B517-6C288B711F2B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "DF11B736-689B-4C7F-A1F3-CD97A094F43F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "C5D3D6E8-5143-4628-84FA-848621ADEC63", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "9A2E2B31-CB8A-4951-AF08-CFA80E8B27FD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.6:*:*:*:*:*:*:*", matchCriteriaId: "AC7116FF-1330-4A46-AF91-2C5D27B1318D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.7:*:*:*:*:*:*:*", matchCriteriaId: "AC7154C5-A846-4886-81FF-64214FED7D4D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.8:*:*:*:*:*:*:*", matchCriteriaId: "295C0732-456E-4F07-8A38-5957948817EC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.9:*:*:*:*:*:*:*", matchCriteriaId: "403FE9A9-E2A3-433E-B548-8D95651E7C3E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.10:*:*:*:*:*:*:*", matchCriteriaId: "C835D3D2-E6AD-440E-A2F5-082F4C99153B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.11:*:*:*:*:*:*:*", matchCriteriaId: "58F8CDAD-EAEC-4797-A21D-8ABF16B32475", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.2.12:*:*:*:*:*:*:*", matchCriteriaId: "4A1B0F01-0271-4BBD-9889-DEE18BAD5AF3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "B3F66603-F8EF-4CA1-9879-42E99C210BC6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "309CA68A-C1F4-439A-98D3-741935B8CC3C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "DCA46058-3BE0-4BC1-82CA-0AE53A80F3FF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "144C1FCD-2447-4E07-BD2B-871EC06354F2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "87EFD8DD-FD2B-4E0A-8303-17DB29E7F5B8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "D0FA1FB8-C19E-43D6-84A7-F897160C26A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B71D5A54-601E-42A0-AB91-D1E761E0744E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "3C6998BB-36BA-4810-9B71-ECA7F33E0016", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "1F3ACECC-02D8-4BC3-B078-1BADA71E1DE4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "6BA03D9B-31BC-45F5-990A-874AE3DCAA36", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "BCA19CDA-271E-4595-AD80-770B4538BA40", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6:*:*:*:*:*:*:*", matchCriteriaId: "0D050B2A-27E4-44BF-93B5-0E6BB468D7DE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "70FC4BAB-3B19-4BCA-9D42-1B98F9838152", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "C84A3BFC-6EB7-4033-98DA-29AEBD99CC8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "C093AC95-6AF3-4DC0-908F-ADF772E4F666", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E6E5028C-382E-4A03-9A43-F7209BD97539", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "72232584-47D2-4F3F-BFB8-1095E6724C28", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "E9443CC5-E05C-4A18-ACD9-C19B6E6418BF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "AA243285-5232-4A98-B9BE-B12CD3587FF3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.6.1:*:*:*:*:*:*:*", matchCriteriaId: "FB01732E-6DB7-412B-A637-48E0172E6C96", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "55B68999-C474-4B21-9111-3260E0F18BE4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.7.1:*:*:*:*:*:*:*", matchCriteriaId: "932CCBCA-DF46-452F-ABCB-C5C3175FA85F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.7.2:*:*:*:*:*:*:*", matchCriteriaId: "1D92B9DB-E9C5-4001-8447-5C2472688194", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "91C0DDE0-E180-4AE2-940A-0C89EF7DB4B2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.8.1:*:*:*:*:*:*:*", matchCriteriaId: "BC224D85-8E47-4A58-A4C9-5D41DDB9D73A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.9:*:*:*:*:*:*:*", matchCriteriaId: "199C8B23-6D39-492C-993E-6225286A0A34", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.10:*:*:*:*:*:*:*", matchCriteriaId: "A9399BB6-714F-4DEA-8ECC-2D0893B672DE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.11:*:*:*:*:*:*:*", matchCriteriaId: "98602BBC-C114-418B-B88D-D4AD339B290A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.12:*:*:*:*:*:*:*", matchCriteriaId: "4CBD78F0-B77C-4148-A3B2-0C6016930939", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.13:*:*:*:*:*:*:*", matchCriteriaId: "B4F05686-485D-439C-BEA9-926FAB21F12E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.14:*:*:*:*:*:*:*", matchCriteriaId: "73C8D395-56A0-4566-847B-7D5C4B2C42B2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.6.14.1:*:*:*:*:*:*:*", matchCriteriaId: "D92EC730-B1F6-4EAC-BBEF-B5D9C4C85E49", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7:*:*:*:*:*:*:*", matchCriteriaId: "1145978F-E24C-47ED-84FC-2AFFBC272DD3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.1:*:*:*:*:*:*:*", matchCriteriaId: "CF994951-C059-4EE9-8591-0695A96A0BF2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.1.1:*:*:*:*:*:*:*", matchCriteriaId: "CDEC30FD-F737-4E66-9C01-95BA35514568", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.2:*:*:*:*:*:*:*", matchCriteriaId: "1CA4D17C-F749-4EB5-8286-E0E4AA44493A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "391047D2-AF48-422D-972E-F223291ABD68", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.3:*:*:*:*:*:*:*", matchCriteriaId: "A49A79FA-8AEF-44C3-8699-4CEC4D766904", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.4:*:*:*:*:*:*:*", matchCriteriaId: "19AE4D74-EC42-4B22-A797-61BDBCADF924", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.5:*:*:*:*:*:*:*", matchCriteriaId: "4BF753CA-96BE-48AD-B270-759B5A18DAF7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.5.1:*:*:*:*:*:*:*", matchCriteriaId: "9F189855-3A32-41EB-9443-FDDE4A89F5A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.6:*:*:*:*:*:*:*", matchCriteriaId: "1025F731-68B9-45AD-A241-5D1495A29BE0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.6.1:*:*:*:*:*:*:*", matchCriteriaId: "800E3600-ADCA-4E34-9577-C72D16A2066E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.6.2:*:*:*:*:*:*:*", matchCriteriaId: "705000A2-856C-4D55-8110-2CBFF703C8D7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.6.3:*:*:*:*:*:*:*", matchCriteriaId: "7C68D55F-DA33-4399-9B7D-9554BFAB406C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.7:*:*:*:*:*:*:*", matchCriteriaId: "8B622A5A-E399-41D8-8793-AFBB8EE75B99", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.8:*:*:*:*:*:*:*", matchCriteriaId: "90BA565B-2CA1-450C-B70A-674E0ADDF064", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.8.1:*:*:*:*:*:*:*", matchCriteriaId: "1D70D77E-525B-4BC6-B3AE-F8A44FEC61AB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.9:*:*:*:*:*:*:*", matchCriteriaId: "918BA5DD-7471-435D-B63B-502EB376F85C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.9.1:*:*:*:*:*:*:*", matchCriteriaId: "A0317414-CCA7-4FAC-913D-F4C00705EA57", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.10:*:*:*:*:*:*:*", matchCriteriaId: "2E065BC8-435E-4839-9567-E5FDBF661205", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.10.1:*:*:*:*:*:*:*", matchCriteriaId: "9C4FCC3F-F93C-42B2-B8D2-99BCF4DEB635", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.10.2:*:*:*:*:*:*:*", matchCriteriaId: "179C0976-C7FC-42C7-83E5-86EC9B5D532C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.11:*:*:*:*:*:*:*", matchCriteriaId: "8DCE317C-C735-42E2-9DB3-BD196BA76D78", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.12:*:*:*:*:*:*:*", matchCriteriaId: "3AC45034-E4BE-4F06-8309-E549E0D9B562", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.13:*:*:*:*:*:*:*", matchCriteriaId: "E05877D6-C2C6-41CD-A991-744D118D3002", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.14:*:*:*:*:*:*:*", matchCriteriaId: "C166F45B-D549-4923-AB36-92B3CA62CBB4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.15:*:*:*:*:*:*:*", matchCriteriaId: "C9F97DD8-908D-463E-A450-6C779654F000", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.15.1:*:*:*:*:*:*:*", matchCriteriaId: "15E92D58-E51B-4342-964F-C000BD71BF69", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.7.17:*:*:*:*:*:*:*", matchCriteriaId: "C0BE2AA5-4CF8-4D0A-B352-BE14726F3BB1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8:*:*:*:*:*:*:*", matchCriteriaId: "DAF61782-327C-4318-A4D1-DCB18CD835B0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.1:*:*:*:*:*:*:*", matchCriteriaId: "A2E8DD03-132C-4817-B933-2407B5E0AD7D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.2:*:*:*:*:*:*:*", matchCriteriaId: "85101BB8-0B1C-4427-8036-9010D1ECE540", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "496BA920-9C48-421C-A57F-BE9D915AD579", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.3:*:*:*:*:*:*:*", matchCriteriaId: "68C9ADE2-55B2-4DF0-8260-442FE5A9793E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.4:*:*:*:*:*:*:*", matchCriteriaId: "9B88C8BB-4F6A-46A8-A497-9C60ECEE1007", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.5:*:*:*:*:*:*:*", matchCriteriaId: "CE403468-28B3-4D77-A9D7-1EE6D76CE471", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.6:*:*:*:*:*:*:*", matchCriteriaId: "AF76BE52-F087-4CA5-8C24-8BC2F1C97095", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.7:*:*:*:*:*:*:*", matchCriteriaId: "D4AA8354-B5EF-4531-BAD5-DD93B2B3D4AE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.8:*:*:*:*:*:*:*", matchCriteriaId: "C21305D6-69A0-404F-89DC-A0E86F80E697", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.9:*:*:*:*:*:*:*", matchCriteriaId: "CE99795F-00D9-42F4-815D-19E521082BD6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.10:*:*:*:*:*:*:*", matchCriteriaId: "45C6B391-8090-4497-9EC9-4FD94AAC68DC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.11:*:*:*:*:*:*:*", matchCriteriaId: "151E7ABB-C721-4D6A-B3BD-68940759E82C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.12:*:*:*:*:*:*:*", matchCriteriaId: "FDAA2184-FAEF-4922-9BAB-852877668DBF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:5.8.13:*:*:*:*:*:*:*", matchCriteriaId: "1C051D85-8C16-491B-85A9-0FC1E145C26C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0:*:*:*:*:*:*:*", matchCriteriaId: "12372956-7A20-41A8-99AC-681CEAF3CDC1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "068388B1-70D0-4564-A522-674DC5841A8D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.1.1:*:*:*:*:*:*:*", matchCriteriaId: "30FAE307-7F0B-4EE2-952C-ECC8BA23182D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "44965AAD-ED9A-4B36-B3BD-BE7847F4B792", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "9AB064EC-1DFE-4867-996A-07B5A79DCF23", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "68BF41E7-5FDF-4CC6-8FF0-CFE38F6389CD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "0F4EABC1-BBBD-4071-B2CA-907B6308860E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "A75324A4-4D55-4BB6-9339-A03043180792", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.7:*:*:*:*:*:*:*", matchCriteriaId: "219EC420-2380-4F9D-B82F-5CFA269775A4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.8:*:*:*:*:*:*:*", matchCriteriaId: "990B90E2-10A8-42EA-B4EB-F732DED56228", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.9:*:*:*:*:*:*:*", matchCriteriaId: "32CF825B-3833-4C72-B184-7A632EDBD44F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "BA216821-8CBB-4516-8A14-D2BCF5788370", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.11:*:*:*:*:*:*:*", matchCriteriaId: "1579B285-C10F-41AB-A1AD-EC5F90B20B7A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.0.12:*:*:*:*:*:*:*", matchCriteriaId: "63F2B96F-260C-4B52-B13A-062829EC9606", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1:*:*:*:*:*:*:*", matchCriteriaId: "E5D03E31-1D49-4E2C-B4D1-36C5FDEB49A8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.1:*:*:*:*:*:*:*", matchCriteriaId: "AC39C270-F394-45D7-AEF1-90B0BD79196F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.2:*:*:*:*:*:*:*", matchCriteriaId: "61F637D6-B3E9-4360-BF15-4DF0578FB44E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "49E7F783-AB7E-4AAC-AB55-2A583F12F304", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.3:*:*:*:*:*:*:*", matchCriteriaId: "88604B7A-5229-4AE0-A9CE-26807EE8462F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "FF72DE28-B9B9-4610-9134-815F9ECA91B0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "CF9E6216-ABF2-423C-AF6A-8CA2A59C727F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.4:*:*:*:*:*:*:*", matchCriteriaId: "33CE392E-4967-4642-8684-255D3F1495A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.5:*:*:*:*:*:*:*", matchCriteriaId: "7278073E-4120-4F18-B1F2-BB7CD3906036", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.6:*:*:*:*:*:*:*", matchCriteriaId: "D43C8648-6252-4F46-83F6-2AB426B9EE0D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "9A0DC561-807C-403D-8411-10D29452B556", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.7:*:*:*:*:*:*:*", matchCriteriaId: "A9F82F88-BF9E-46F6-89EE-EF40A52AC3DD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "2BAB7B15-928C-46EE-9492-5A90F90B2AEF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.8:*:*:*:*:*:*:*", matchCriteriaId: "11EA9560-627B-481F-9D4A-50D3405EECD1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.10:*:*:*:*:*:*:*", matchCriteriaId: "D3F11CA7-FDA9-4619-8348-6D64AE7F0B6A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.11:*:*:*:*:*:*:*", matchCriteriaId: "90A9E632-E565-495C-9320-B60C0453255E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "0AF233BA-F8C3-42A4-8B4A-4B8E30D8BFA2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "88FEF411-FBD1-4325-80B7-7332404E394D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.1.12:*:*:*:*:*:*:*", matchCriteriaId: "96648453-E5C8-4918-8F41-96D42E1BFFD4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.2:*:*:*:*:*:*:*", matchCriteriaId: "450ADE1F-34F3-4D70-9751-2F5B218E4DFB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:6.2.2:*:*:*:*:*:*:*", matchCriteriaId: "A48EF6BA-EAA4-4003-AEE9-022640F2DE17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.00.29:*:*:*:*:*:*:*", matchCriteriaId: "786614DB-8964-4884-9E0A-193C89D417D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.00.33:*:*:*:*:*:*:*", matchCriteriaId: "36B965F4-8FB6-407C-9B88-53FE29DEF602", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.01.16:*:*:*:*:*:*:*", matchCriteriaId: "AD660011-2247-4F85-BA11-1DB838506AAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.01.17:*:*:*:*:*:*:*", matchCriteriaId: "01EFE926-5578-40D7-851D-001F16CE28A0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.01.18:*:*:*:*:*:*:*", matchCriteriaId: "743F3329-FAB7-482C-BD92-5C0C619BA53E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.01.20:*:*:*:*:*:*:*", matchCriteriaId: "12716096-EB28-4677-AAA9-53F522450BBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.02.16:*:*:*:*:*:*:*", matchCriteriaId: "4BB289D6-3B6F-4390-A48D-1585C4D17771", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.15:*:*:*:*:*:*:*", matchCriteriaId: "FE174F74-9CA2-4099-9C36-62F442F17EFF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.16:*:*:*:*:*:*:*", matchCriteriaId: "C2A8DA1B-25AC-4720-A9F2-0F0C20FB064B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.17:*:*:*:*:*:*:*", matchCriteriaId: "F21E0381-D214-42C2-824D-140DC25961F3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.18:*:*:*:*:*:*:*", matchCriteriaId: "058A5EA8-4B92-4FC9-B7A2-2C0AD98E86F7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.19:*:*:*:*:*:*:*", matchCriteriaId: "4CFAA7D9-44BC-4E66-8E5C-C09077A6B9B3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.20:*:*:*:*:*:*:*", matchCriteriaId: "543D0D44-2738-4879-A175-B062B6DD4F49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.21:*:*:*:*:*:*:*", matchCriteriaId: "29D4A2D7-7FE7-48D5-A851-AC4A182A4C74", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.22:*:*:*:*:*:*:*", matchCriteriaId: "74B7A5F1-31FA-4E38-BCB4-4BBA3EA043E2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.24:*:*:*:*:*:*:*", matchCriteriaId: "61782FA1-1755-4EDE-AEF1-242576D42D5D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.26:*:*:*:*:*:*:*", matchCriteriaId: "DB56C4B6-49B4-4F2D-8C9A-A2C2CEE6B08E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.27:*:*:*:*:*:*:*", matchCriteriaId: "2BABC34E-7579-4ABF-A67C-15E781400A9E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.28:*:*:*:*:*:*:*", matchCriteriaId: "274BDB13-1477-44BB-A71E-965491FE63A1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:1.0.03.29:*:*:*:*:*:*:*", matchCriteriaId: "E6D6D4EA-3873-4A3E-8226-0B2FBD91D85F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device. \r\n\r\nThis vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.", }, { lang: "es", value: "Una vulnerabilidad en la función API JSON-RPC en ConfD que utilizan las interfaces de administración basadas en web de Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager y Cisco RV340 Dual WAN Gigabit VPN Routers podría permitir que un atacante remoto autenticado modifique la configuración de una aplicación o dispositivo afectado. Esta vulnerabilidad se debe a comprobaciones de autorización incorrectas en la API. Un atacante con privilegios suficientes para acceder a la aplicación o dispositivo afectado podría explotar esta vulnerabilidad enviando solicitudes maliciosas a la API JSON-RPC. Una explotación exitosa podría permitir al atacante realizar modificaciones no autorizadas a la configuración de la aplicación o dispositivo afectado, incluida la creación de nuevas cuentas de usuario o la elevación de sus propios privilegios en un sistema afectado.", }, ], id: "CVE-2024-20381", lastModified: "2024-10-08T21:43:28.757", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-09-11T17:15:12.403", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-285", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. An attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system could exploit this vulnerability. The attacker would need to leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets to an affected system. A successful exploit could allow the attacker to gain unauthorized access to configuration data for devices that will be managed by the NSO system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | network_services_orchestrator | 1.2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "90AD0D54-9C00-4441-BFF7-F93FFAF70053", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. An attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system could exploit this vulnerability. The attacker would need to leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets to an affected system. A successful exploit could allow the attacker to gain unauthorized access to configuration data for devices that will be managed by the NSO system.", }, { lang: "es", value: "Una vulnerabilidad en el componente de servidor Cisco Network Plug and Play de Cisco Network Services Orchestrator (NSO) podría permitir a un atacante remoto no autenticado obtener acceso no autorizado a los datos de configuración que se almacenan en un sistema NSO afectado. La vulnerabilidad existe porque el componente Network Plug and Play realiza una validación incompleta cuando se configura para utilizar identificadores de dispositivo únicos y seguros (SUDI) para la autenticación. Un atacante que controle un dispositivo Cisco que soporte autenticación SUDI y tenga conectividad con un sistema NSO afectado podría explotar esta vulnerabilidad. El atacante tendría que aprovechar la información sobre los dispositivos que se están registrando en el servidor NSO para enviar paquetes de autenticación Cisco Network Plug and Play a un sistema afectado. Su explotación con éxito podría permitir al atacante obtener acceso no autorizado a los datos de configuración de los dispositivos que serán administrados por el sistema NSO.", }, ], id: "CVE-2018-0463", lastModified: "2024-11-21T03:38:17.087", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-05T14:29:04.247", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-05-15 18:15
Modified
2025-03-25 17:49
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow an authenticated, local attacker to elevate privileges to root on an affected device.
This vulnerability exists because a user-controlled search path is used to locate executable files. An attacker could exploit this vulnerability by configuring the application in a way that causes a malicious file to be executed. A successful exploit could allow the attacker to execute arbitrary code on an affected device as the root user. To exploit this vulnerability, the attacker would need valid credentials on an affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "2332A210-1906-4307-82E2-D146B4DDB170", versionEndExcluding: "5.0.5", versionStartIncluding: "5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "6BA7F497-6FDF-4AE9-B5C5-507BD0F9E463", versionEndExcluding: "6.0.2", versionStartIncluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow an authenticated, local attacker to elevate privileges to root on an affected device.\r\n\r This vulnerability exists because a user-controlled search path is used to locate executable files. An attacker could exploit this vulnerability by configuring the application in a way that causes a malicious file to be executed. A successful exploit could allow the attacker to execute arbitrary code on an affected device as the root user. To exploit this vulnerability, the attacker would need valid credentials on an affected device.", }, { lang: "es", value: "Una vulnerabilidad en el paquete de funciones Tail-f High Availability Cluster Communications (HCC) de Cisco Crosswork Network Services Orchestrator (NSO) podría permitir a un atacante local autenticado elevar los privilegios a root en un dispositivo afectado. Esta vulnerabilidad existe porque se utiliza una ruta de búsqueda controlada por el usuario para localizar archivos ejecutables. Un atacante podría aprovechar esta vulnerabilidad configurando la aplicación de manera que provoque la ejecución de un archivo malicioso. Un exploit exitoso podría permitir al atacante ejecutar código arbitrario en un dispositivo afectado como usuario root. Para aprovechar esta vulnerabilidad, el atacante necesitaría credenciales válidas en un dispositivo afectado.", }, ], id: "CVE-2024-20366", lastModified: "2025-03-25T17:49:13.957", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-05-15T18:15:09.440", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-hcc-priv-esc-OWBWCs5D", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-hcc-priv-esc-OWBWCs5D", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-73", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-427", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-04 18:15
Modified
2024-11-21 05:44
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ConfD built-in SSH server was not enabled, the device is not affected by this vulnerability. An attacker with low-level privileges could exploit this vulnerability by authenticating to an affected device and issuing a series of commands at the SFTP interface. A successful exploit could allow the attacker to elevate privileges to the level of the account under which ConfD is running, which is commonly root. Note: Any user who can authenticate to the built-in SSH server may exploit this vulnerability. By default, all ConfD users have this access if the server is enabled. Software updates that address this vulnerability have been released.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | confd | * | |
| cisco | confd | * | |
| cisco | network_services_orchestrator | * | |
| cisco | network_services_orchestrator | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:confd:*:*:*:*:*:*:*:*", matchCriteriaId: "00B1645F-8B9B-4B33-B059-6BD9F930B693", versionEndIncluding: "7.4.3", versionStartIncluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:confd:*:*:*:*:*:*:*:*", matchCriteriaId: "B973E75F-7C45-4263-B5C2-1B343651F022", versionEndIncluding: "7.5.2", versionStartIncluding: "7.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "1001E8CE-2203-4ED3-A697-9504BADA32D2", versionEndIncluding: "5.4.3.1", versionStartIncluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "692BACD6-9D45-4F71-8EE6-251DE929EC84", versionEndIncluding: "5.5.2.2", versionStartIncluding: "5.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ConfD built-in SSH server was not enabled, the device is not affected by this vulnerability. An attacker with low-level privileges could exploit this vulnerability by authenticating to an affected device and issuing a series of commands at the SFTP interface. A successful exploit could allow the attacker to elevate privileges to the level of the account under which ConfD is running, which is commonly root. Note: Any user who can authenticate to the built-in SSH server may exploit this vulnerability. By default, all ConfD users have this access if the server is enabled. Software updates that address this vulnerability have been released.", }, { lang: "es", value: "Una vulnerabilidad en ConfD, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios al nivel de la cuenta bajo la que se ejecuta ConfD, que suele ser root. Para explotar esta vulnerabilidad, un atacante debe tener una cuenta válida en un dispositivo afectado. La vulnerabilidad se presenta porque el software afectado ejecuta incorrectamente el servicio de usuario SFTP en el nivel de privilegio de la cuenta que se estaba ejecutando cuando el servidor Secure Shell (SSH) integrado de ConfD para CLI estaba habilitado. Si el servidor SSH integrado de ConfD no estaba habilitado, el dispositivo no está afectado por esta vulnerabilidad. Un atacante con privilegios de bajo nivel podría explotar esta vulnerabilidad al autenticarse en un dispositivo afectado y emitiendo una serie de comandos en la interfaz SFTP. Una explotación con éxito podría permitir al atacante elevar los privilegios al nivel de la cuenta bajo la cual se ejecuta ConfD, que es comúnmente root. Nota: Cualquier usuario que pueda autenticarse en el servidor SSH incorporado puede explotar esta vulnerabilidad. Por defecto, todos los usuarios de ConfD presentan este acceso si el servidor está habilitado. Se han publicado actualizaciones de software que solucionan esta vulnerabilidad", }, ], id: "CVE-2021-1572", lastModified: "2024-11-21T05:44:39.023", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-04T18:15:08.470", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confd-priv-esc-LsGtCRx4", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-priv-esc-XXqRtTfT", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confd-priv-esc-LsGtCRx4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-priv-esc-XXqRtTfT", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-266", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }