Cisco

Network Services Orchestrator

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
0

CVE-2026-20188

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 06.05.2026 16:15:37
  • Zuletzt bearbeitet 14.05.2026 17:16:19

Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Prod...

10

CVE-2025-32433

Warnung Medienbericht Exploit
  • EPSS 47.07%
  • Veröffentlicht 16.04.2025 21:34:37
  • Zuletzt bearbeitet 04.11.2025 14:49:05

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in S...

7.5

CVE-2021-1132

  • EPSS 0.67%
  • Veröffentlicht 18.11.2024 16:15:08
  • Zuletzt bearbeitet 05.08.2025 13:21:24

A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management...

8.8

CVE-2022-20655

  • EPSS 0.4%
  • Veröffentlicht 15.11.2024 16:15:20
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an a...

8.8

CVE-2024-20381

  • EPSS 1.48%
  • Veröffentlicht 11.09.2024 17:15:12
  • Zuletzt bearbeitet 08.10.2024 21:43:28

A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an...

7.8

CVE-2024-20326

  • EPSS 0.33%
  • Veröffentlicht 16.05.2024 14:15:08
  • Zuletzt bearbeitet 25.07.2025 14:39:47

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerabilit...

7.8

CVE-2024-20389

  • EPSS 0.11%
  • Veröffentlicht 16.05.2024 14:15:08
  • Zuletzt bearbeitet 30.07.2025 19:17:36

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerabilit...

7.8

CVE-2024-20366

  • EPSS 0.12%
  • Veröffentlicht 15.05.2024 18:15:09
  • Zuletzt bearbeitet 25.03.2025 17:49:13

A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow an authenticated, local attacker to elevate privileges to root on an affected device. Thi...

6.1

CVE-2024-20369

  • EPSS 0.22%
  • Veröffentlicht 15.05.2024 18:15:09
  • Zuletzt bearbeitet 25.03.2025 17:44:05

A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input ...

5.5

CVE-2023-20040

  • EPSS 1.5%
  • Veröffentlicht 20.01.2023 07:15:15
  • Zuletzt bearbeitet 21.11.2024 07:40:24

A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability...