VYPR

Nexus 7000 and 7700 Series Switches

by Cisco Systems, Inc.

CVEs (10)

  • CVE-2017-12341MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation…

  • CVE-2017-12333MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker…

  • CVE-2017-12331MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local…

  • CVE-2017-12301MedOct 19, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient…

  • CVE-2017-12335MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting…

  • CVE-2017-12330MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this…

  • CVE-2017-12339MedNov 30, 2017
    risk 0.37cvss 5.7epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this…

  • CVE-2017-12332MedNov 30, 2017
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this…

  • CVE-2017-12340MedNov 30, 2017
    risk 0.27cvss 4.2epss 0.00

    A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating…

  • CVE-2019-1600Mar 7, 2019
    risk 0.00cvss epss 0.00

    A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper…