Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2018-0123

Published: 08/02/2018 Updated: 09/10/2019
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N
Subscribe to Ios Xe

Vulnerability Summary

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local malicious user to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of the diagnostic shell. The vulnerability is due to lack of proper input validation for certain diagnostic shell commands. An attacker could exploit this vulnerability by authenticating to the device, entering the diagnostic shell, and providing crafted user input to commands at the local diagnostic shell CLI. Successful exploitation could allow the malicious user to overwrite system files that should be restricted. Cisco Bug IDs: CSCvg41950.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios xe -

cisco ios 16.7\\(1\\)

Vendor Advisories

Cisco: Cisco IOS XE Software Diagnostic Shell Path Traversal Vulnerability
A vulnerability in the diagnostic shell for Cisco IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files These system files may be sensitive and should not be able to be overwritten by a user of the diagnostic shell The vulnerability is due to lack of proper input val ...
HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03638 rev. 4 - Intel 2019.2 IPU BIOS Security Updates
Multiple security vulnerabilities have been identified by Intel Intel is releasing updates for BIOS, Voltage Modulation, Intel Processor Graphics, Intel SGX, Intel SGX and Intel TXT, Intel SGX and Intel Processor Graphics, Intel Trusted Execution Technology (TXT), Intel System Management Mode (SMM), Intel CPU Local Privilege Escalation, TSX Asynch ...
HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03638 rev. 4 - Intel 2019.2 IPU BIOS Security Updates
Multiple security vulnerabilities have been identified by Intel Intel is releasing updates for BIOS, Voltage Modulation, Intel Processor Graphics, Intel SGX, Intel SGX and Intel TXT, Intel SGX and Intel Processor Graphics, Intel Trusted Execution Technology (TXT), Intel System Management Mode (SMM), Intel CPU Local Privilege Escalation, TSX Asynch ...

References

CWE-22https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-ioshttp://www.securitytracker.com/id/1040346http://www.securityfocus.com/bid/102967https://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-ios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook