Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco iox - vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-3396
A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical malicious user to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protectio...
Cisco Ios Xe 16.12.1
6.7
CVSSv3
CVE-2022-20727
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an malicious user to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install appl...
Cisco Ios 15.6\\(2\\)t3
Cisco Ios 15.6\\(1\\)t2
Cisco Ios 15.6\\(2\\)t1
Cisco Ios 15.6\\(3\\)m1
Cisco Ios 15.6\\(3\\)m3
Cisco Ios 15.7\\(3\\)m
Cisco Ios 15.6\\(3\\)m2a
Cisco Ios Xe 16.6.1
Cisco Ios 15.6\\(2\\)t2
Cisco Ios 15.6\\(1\\)t1
Cisco Ios 15.6\\(3\\)m1b
Cisco Ios 15.6\\(3\\)m
Cisco Ios 15.6\\(2\\)t
Cisco Ios 15.6\\(3\\)m0a
Cisco Ios Xe 16.4.1
Cisco Ios 15.6\\(3\\)m2
Cisco Ios Xe 16.3.1
Cisco Ios 15.2\\(5\\)e1
Cisco Ios Xe 16.3.1a
Cisco Ios Xe 16.3.2
Cisco Ios Xe 16.3.3
Cisco Ios 15.6\\(1\\)t3
6.7
CVSSv3
CVE-2022-20677
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an malicious user to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install appl...
Cisco Ios 17.6.1
6.7
CVSSv3
CVE-2019-12670
A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exp...
Cisco Ios 16.10.1
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
6.5
CVSSv3
CVE-2021-1385
A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote malicious user to conduct directory traversal attacks and read and write files on the underlying operating system or host system. This vulnerability o...
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.11.1
Cisco Ios Xe 17.1.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1t
Cisco Ios Xe 16.11.2
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1x
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1w
Cisco Ios Xe 16.12.1y
Cisco Ios Xe 16.12.2
Cisco Ios 15.8\\(3\\)m3
Cisco Ios 15.8\\(3\\)m2a
Cisco Ios 15.9\\(3\\)m
Cisco Ios Xe 16.12.2a
Cisco Ios Xe 16.12.4
Cisco Ios 15.8\\(3\\)m4
6.5
CVSSv3
CVE-2016-9199
A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote malicious user to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS ...
Cisco Iox 1.1.0
6.5
CVSSv3
CVE-2016-6410
The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856.
Cisco Ios 15.5\\(2\\)t
6.5
CVSSv3
CVE-2016-6412
The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle malicious users to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773.
Cisco Ios 15.6\\(1\\)t1
6.5
CVSSv3
CVE-2016-6405
Cisco Fog Director 1.0(0) for IOx allows remote authenticated users to bypass intended access restrictions and write to arbitrary files via the Cartridge interface, aka Bug ID CSCuz89368.
Cisco Fog Director 1.0\\(0\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »