VYPR

Nx OS

by Cisco Systems, Inc.

CVEs (151)

  • CVE-2017-12342MedNov 30, 2017
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature.…

  • CVE-2017-12341MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation…

  • CVE-2017-12334MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation…

  • CVE-2017-12333MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker…

  • CVE-2017-12331MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local…

  • CVE-2017-12301MedOct 19, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient…

  • CVE-2017-6655MedJun 13, 2017
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. This vulnerability affects…

  • CVE-2016-6457MedNov 19, 2016
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000…

  • CVE-2016-1454MedOct 6, 2016
    risk 0.42cvss 6.5epss 0.02

    Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug…

  • CVE-2016-1465MedJul 28, 2016
    risk 0.42cvss 6.5epss 0.01

    Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID…

  • CVE-2017-12335MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting…

  • CVE-2017-12330MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this…

  • CVE-2017-12329MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the…

  • CVE-2017-3804MedJan 26, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. Switches in the FabricPath…

  • CVE-2017-12338MedNov 30, 2017
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by…

  • CVE-2011-4667MedSep 25, 2017
    risk 0.38cvss 5.9epss 0.01

    The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN…

  • CVE-2017-12351MedNov 30, 2017
    risk 0.37cvss 5.7epss 0.00

    A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The…

  • CVE-2017-12339MedNov 30, 2017
    risk 0.37cvss 5.7epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this…

  • CVE-2017-3879MedMar 17, 2017
    risk 0.35cvss 5.3epss 0.02

    A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail.…

  • CVE-2017-3878MedMar 17, 2017
    risk 0.35cvss 5.3epss 0.02

    A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt…

Page 2 of 8