VYPR

Nx OS

by Cisco Systems, Inc.

CVEs (151)

  • CVE-2014-3330Aug 11, 2014
    risk 0.00cvss epss 0.02

    Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID…

  • CVE-2014-3295Jun 14, 2014
    risk 0.00cvss epss 0.01

    The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.

  • CVE-2014-3261May 26, 2014
    risk 0.00cvss epss 0.02

    Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before…

  • CVE-2014-2201May 26, 2014
    risk 0.00cvss epss 0.02

    The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID…

  • CVE-2014-2200May 26, 2014
    risk 0.00cvss epss 0.01

    Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629.

  • CVE-2013-1191May 26, 2014
    risk 0.00cvss epss 0.02

    Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.

  • CVE-2013-6975May 20, 2014
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.

  • CVE-2014-0684May 7, 2014
    risk 0.00cvss epss 0.00

    Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136.

  • CVE-2014-0677Jan 22, 2014
    risk 0.00cvss epss 0.02

    The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed Hello messages, aka Bug ID CSCul88851.

  • CVE-2014-0676Jan 22, 2014
    risk 0.00cvss epss 0.00

    Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367.

  • CVE-2013-6982Jan 8, 2014
    risk 0.00cvss epss 0.03

    The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka…

  • CVE-2012-4135Dec 21, 2013
    risk 0.00cvss epss 0.00

    Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275.

  • CVE-2012-4131Dec 21, 2013
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164.

  • CVE-2013-6683Nov 13, 2013
    risk 0.00cvss epss 0.01

    The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed packets, aka Bug ID CSCtd15904.

  • CVE-2013-5566Nov 8, 2013
    risk 0.00cvss epss 0.02

    Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug ID CSCte27874.

  • CVE-2012-4121Oct 14, 2013
    risk 0.00cvss epss 0.00

    Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574.

  • CVE-2012-4099Oct 14, 2013
    risk 0.00cvss epss 0.02

    The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065.

  • CVE-2012-4097Oct 14, 2013
    risk 0.00cvss epss 0.02

    The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn13043.

  • CVE-2012-4077Oct 14, 2013
    risk 0.00cvss epss 0.00

    Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651.

  • CVE-2012-4076Oct 14, 2013
    risk 0.00cvss epss 0.00

    Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780.

Page 6 of 8