VYPR

Nexus 9000 Series Fabric Switches in ACI mode

by Cisco Systems, Inc.

CVEs (37)

  • CVE-2019-1804CriMay 3, 2019
    risk 0.64cvss 9.8epss 0.03

    A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is…

  • CVE-2019-1614HigMar 11, 2019
    risk 0.58cvss 8.8epss 0.04

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to incorrect input validation of user-supplied data by the NX-API subsystem. An attacker could…

  • CVE-2019-1599HigMar 7, 2019
    risk 0.57cvss 8.6epss 0.14

    A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack.…

  • CVE-2021-1586HigAug 25, 2021
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service…

  • CVE-2019-1616HigMar 11, 2019
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric…

  • CVE-2019-1598HigMar 7, 2019
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service…

  • CVE-2019-1597HigMar 7, 2019
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service…

  • CVE-2019-1590HigMay 3, 2019
    risk 0.53cvss 8.1epss 0.01

    A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an…

  • CVE-2019-1592HigMay 3, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to…

  • CVE-2019-1618HigMar 11, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to an incorrect permissions setting. An attacker could exploit…

  • CVE-2019-1606HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI…

  • CVE-2019-1605HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a…

  • CVE-2019-1596HigMar 7, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a…

  • CVE-2019-1593HigMar 6, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The…

  • CVE-2019-1591HigMar 6, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied…

  • CVE-2026-20048HigFeb 25, 2026
    risk 0.50cvss 7.7epss 0.00

    A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to…

  • CVE-2026-20033HigFeb 25, 2026
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet…

  • CVE-2025-20111HigFeb 26, 2025
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service…

  • CVE-2023-20089HigFeb 23, 2023
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload…

  • CVE-2021-1228HigFeb 24, 2021
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized…

Page 1 of 2