VYPR

Nexus 9000 Series Fabric Switches in ACI mode

by Cisco Systems, Inc.

CVEs (31)

  • CVE-2019-1804CriMay 3, 2019
    risk 0.64cvss 9.8epss 0.03

    A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is…

  • CVE-2019-1614HigMar 11, 2019
    risk 0.58cvss 8.8epss 0.04

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to incorrect input validation of user-supplied data by the NX-API subsystem. An attacker could…

  • CVE-2019-1599HigMar 7, 2019
    risk 0.57cvss 8.6epss 0.14

    A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack.…

  • CVE-2019-1616HigMar 11, 2019
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric…

  • CVE-2019-1598HigMar 7, 2019
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service…

  • CVE-2019-1597HigMar 7, 2019
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service…

  • CVE-2019-1590HigMay 3, 2019
    risk 0.53cvss 8.1epss 0.01

    A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an…

  • CVE-2019-1592HigMay 3, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to…

  • CVE-2019-1618HigMar 11, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to an incorrect permissions setting. An attacker could exploit…

  • CVE-2019-1606HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI…

  • CVE-2019-1605HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a…

  • CVE-2019-1596HigMar 7, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a…

  • CVE-2019-1593HigMar 6, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The…

  • CVE-2019-1591HigMar 6, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied…

  • CVE-2026-20048HigFeb 25, 2026
    risk 0.50cvss 7.7epss 0.00

    A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to…

  • CVE-2026-20033HigFeb 25, 2026
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet…

  • CVE-2019-1617HigMar 11, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to an incorrect…

  • CVE-2019-1594HigMar 6, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication…

  • CVE-2019-1836HigMay 3, 2019
    risk 0.46cvss 7.1epss 0.00

    A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to overwrite system files. These system files may be sensitive and should not be…

  • CVE-2026-20171MedMay 20, 2026
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a…

Page 1 of 2