VYPR

Iox

by Cisco Systems, Inc.

CVEs (26)

  • CVE-2017-3853CriMar 22, 2017
    risk 0.64cvss 9.8epss 0.09

    A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an…

  • CVE-2017-3852HigMar 22, 2017
    risk 0.53cvss 8.1epss 0.03

    A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due…

  • CVE-2017-3851HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.05

    A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the…

  • CVE-2016-9199MedDec 14, 2016
    risk 0.42cvss 6.5epss 0.03

    A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and…

  • CVE-2017-3805MedJan 26, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. Affected Products: This vulnerability affects Cisco…

  • CVE-2021-1384Mar 24, 2021
    risk 0.01cvss epss 0.35

    A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the…

  • CVE-2023-20235Oct 4, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability…

  • CVE-2023-20065Mar 23, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An…

  • CVE-2023-20076Feb 12, 2023
    risk 0.00cvss epss 0.02

    A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for…

  • CVE-2022-20720Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20721Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20722Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20723Apr 15, 2022
    risk 0.00cvss epss 0.02

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20724Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20725Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20726Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20727Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20677Apr 15, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20718Apr 15, 2022
    risk 0.00cvss epss 0.02

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

  • CVE-2022-20719Apr 15, 2022
    risk 0.00cvss epss 0.03

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install…

Page 1 of 2