cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-1132,https://securityvulnerability.io/vulnerability/CVE-2021-1132,Cisco NSO Vulnerability Allows Unauthenticated Access to Sensitive Data,"A vulnerability in the API subsystem and web-management interface of Cisco Network Services Orchestrator (NSO) enables an unauthenticated remote attacker to potentially access sensitive data. This issue arises from inadequate validation of user-supplied input in specific HTTP-based APIs and the web-management interface. Attackers can exploit this vulnerability by sending specially crafted HTTP requests containing directory traversal sequences to the affected system. Successfully executing such an attack could grant unauthorized access to files that contain sensitive information. Cisco has provided software updates to mitigate this issue, and no alternative workarounds are available.",Cisco,Cisco Network Services Orchestrator,5.3,MEDIUM,0.0005799999926239252,false,false,false,false,,false,false,2024-11-18T15:42:08.936Z,0
CVE-2022-20655,https://securityvulnerability.io/vulnerability/CVE-2022-20655,Command Injection Vulnerability in ConfD Could Allow Authenticated Attacker to Execute Arbitrary Commands with Root Privileges,"An issue within the command line interface (CLI) implementation in Cisco's ConfD can allow authenticated, local attackers to conduct command injection attacks. This vulnerability stems from insufficient validation of process arguments, enabling an attacker to inject malicious commands during execution. Successfully exploiting this vulnerability can lead to the execution of arbitrary commands on the underlying operating system with the same privileges as ConfD, often equivalent to root access, thereby posing severe risks to system security and integrity.",Cisco,"Cisco iOS Xr Software,Cisco Virtual Topology System (vts),Cisco Network Services Orchestrator,Cisco Enterprise Nfv Infrastructure Software,Cisco Catalyst Sd-wan,Cisco Catalyst Sd-wan Manager,Cisco iOS Xe Catalyst Sd-wan,Cisco Sd-wan Vedge Router,Cisco Ultra Gateway Platform,Cisco Carrier Packet Transport",8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-15T15:56:42.927Z,0
CVE-2024-20381,https://securityvulnerability.io/vulnerability/CVE-2024-20381,Cisco ConfD JSON-RPC API Vulnerability Could Allow Remote Authenticated Attacker to Modify Configuration,"A vulnerability exists in the JSON-RPC API feature of Cisco's Crosswork Network Services Orchestrator and ConfD, utilized by the management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers. This vulnerability arises from improper authorization checks, allowing an authenticated remote attacker to exploit the API by sending malicious requests. A successful attack may enable the attacker to modify the configurations of affected applications or devices, potentially leading to unauthorized changes such as creating new user accounts or elevating privileges within the system.",Cisco,"Cisco iOS Xr Software,Cisco Network Services Orchestrator,Cisco Small Business Rv Series Router Firmware",8.8,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-09-11T16:38:42.096Z,0
CVE-2024-20389,https://securityvulnerability.io/vulnerability/CVE-2024-20389,Arbitrary File Read and Write Vulnerability in Cisco ConfD and Crosswork Network Services Orchestrator CLI,"A vulnerability exists in the ConfD CLI and Cisco Crosswork Network Services Orchestrator CLI, allowing a local, authenticated attacker with low privileges to manipulate arbitrary files on the operating system. This issue arises from improper authorization enforcement when certain command-line interface (CLI) commands are executed. By utilizing crafted command arguments, an attacker can exploit this vulnerability to read or write files with root user privileges, potentially leading to unauthorized access or system compromise.",Cisco,"Cisco Confd,Cisco Confd Basic,Cisco Network Services Orchestrator",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-16T14:08:21.745Z,0
CVE-2024-20326,https://securityvulnerability.io/vulnerability/CVE-2024-20326,Arbitrary File Read and Write Vulnerability in Cisco ConfD and Crosswork Network Services Orchestrator CLI,"A vulnerability exists in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI, enabling an authenticated, low-privileged local attacker to gain unauthorized access to critical files on the underlying operating system. The issue arises from improper authorization enforcement associated with certain CLI commands, allowing for crafted command arguments to circumvent security measures. Consequently, this could lead to unauthorized reading or writing of arbitrary files with root user privileges, posing significant risks to system integrity and confidentiality.",Cisco,"Cisco Confd,Cisco Confd Basic,Cisco Network Services Orchestrator",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-16T14:08:18.634Z,0
CVE-2024-20366,https://securityvulnerability.io/vulnerability/CVE-2024-20366,Cisco NSO Vulnerability Allows Elevation of Privileges,"A vulnerability exists within the Tail-f High Availability Cluster Communications function pack of Cisco's Crosswork Network Services Orchestrator, which permits an authenticated local attacker to elevate privileges to root on the affected devices. This security flaw arises due to a user-controlled search path utilized for locating executable files. An attacker exploiting this vulnerability could manipulate the application configuration to trigger the execution of a malicious file. Successful exploitation enables the attacker to run arbitrary code on the affected device as a root user, requiring prior valid credentials. Thus, the impacted environment should be closely monitored and fortified against such attacks.",Cisco,Cisco Network Services Orchestrator,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T17:25:09.258Z,0
CVE-2024-20369,https://securityvulnerability.io/vulnerability/CVE-2024-20369,Cisco NSO Vulnerability: Unauthenticated Remote Redirection to Malicious Website,"A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

 This vulnerability is due to improper input validation of a parameter in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website.",Cisco,Cisco Network Services Orchestrator,4.7,MEDIUM,0.0006099999882280827,false,false,false,false,,false,false,2024-05-15T17:23:34.938Z,0
CVE-2023-20040,https://securityvulnerability.io/vulnerability/CVE-2023-20040,,"A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group.
 This vulnerability exists because user-supplied input is not properly validated when NETCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by uploading a specially crafted package file. A successful exploit could allow the attacker to write crafted files to arbitrary locations on the filesystem or delete arbitrary files from the filesystem of an affected device, resulting in a DoS condition. 
 Note: By default, during install, Cisco NSO will be set up to run as the root user unless the --run-as-user option is used.",Cisco,Cisco Network Services Orchestrator,5.5,MEDIUM,0.0010900000343099236,false,false,false,false,,false,false,2023-01-20T07:15:00.000Z,0
CVE-2020-3362,https://securityvulnerability.io/vulnerability/CVE-2020-3362,Cisco Network Services Orchestrator Information Disclosure Vulnerability,"A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability by executing a specific sequence of commands on the CLI. A successful exploit could allow the attacker to read configuration information that would normally be accessible to administrators only.",Cisco,Cisco Network Services Orchestrator,4.7,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2020-06-18T03:15:00.000Z,0
CVE-2018-0463,https://securityvulnerability.io/vulnerability/CVE-2018-0463,Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability,"A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. An attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system could exploit this vulnerability. The attacker would need to leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets to an affected system. A successful exploit could allow the attacker to gain unauthorized access to configuration data for devices that will be managed by the NSO system.",Cisco,Cisco Network Services Orchestrator,7.5,HIGH,0.003100000089034438,false,false,false,false,,false,false,2018-10-05T14:29:00.000Z,0
CVE-2018-0274,https://securityvulnerability.io/vulnerability/CVE-2018-0274,,"A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.",Cisco,Cisco Network Services Orchestrator Unknown,8.8,HIGH,0.0010100000072270632,false,false,false,false,,false,false,2018-06-07T12:00:00.000Z,0