Cisco Confd Basic vulnerabilities
3 known vulnerabilities affecting cisco/confd_basic.
Total CVEs
3
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2025-32433CRITICALCVSS 10.0KEVPoCfixed in 7.7.19.1≥ 8.0.18, < 8.1.16.2+3 more2025-04-16
CVE-2025-32433 [CRITICAL] CWE-306 CVE-2025-32433: Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3,
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems a
nvd
CVE-2024-20326HIGHCVSS 7.8v7.1.7v7.8.3+12 more2024-05-16
CVE-2024-20326 [HIGH] CWE-78 CVE-2024-20326: A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could al
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.
This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exp
nvd
CVE-2024-20389HIGHCVSS 7.8v8.0.112024-05-16
CVE-2024-20389 [HIGH] CWE-266 CVE-2024-20389: A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could al
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.
This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could ex
nvd