NX-OS Software
CVEs (136)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0301 | Cri | 0.65 | 9.8 | 0.18 | Jun 20, 2018 | A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the… | ||
| CVE-2021-1361 | Cri | 0.64 | 9.8 | 0.02 | Feb 24, 2021 | A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create,… | ||
| CVE-2018-0314 | Cri | 0.64 | 9.8 | 0.06 | Jun 20, 2018 | A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affected software insufficiently… | ||
| CVE-2018-0312 | Cri | 0.64 | 9.8 | 0.06 | Jun 20, 2018 | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because… | ||
| CVE-2018-0308 | Cri | 0.64 | 9.8 | 0.06 | Jun 20, 2018 | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software… | ||
| CVE-2018-0304 | Cri | 0.64 | 9.8 | 0.09 | Jun 20, 2018 | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root. The… | ||
| CVE-2022-20650 | Hig | 0.58 | 8.8 | 0.15 | Feb 23, 2022 | A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker… | ||
| CVE-2018-0293 | Hig | 0.58 | 8.8 | 0.05 | Jun 20, 2018 | A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device.… | ||
| CVE-2022-20824 | Hig | 0.57 | 8.8 | 0.00 | Aug 25, 2022 | A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This… | ||
| CVE-2022-20624 | Hig | 0.57 | 8.6 | 0.12 | Feb 23, 2022 | A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming… | ||
| CVE-2022-20623 | Hig | 0.57 | 8.6 | 0.12 | Feb 23, 2022 | A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is… | ||
| CVE-2021-1368 | Hig | 0.57 | 8.8 | 0.00 | Feb 24, 2021 | A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an… | ||
| CVE-2020-3415 | Hig | 0.57 | 8.8 | 0.01 | Aug 27, 2020 | A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to… | ||
| CVE-2020-3217 | Hig | 0.57 | 8.8 | 0.01 | Jun 3, 2020 | A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of… | ||
| CVE-2020-3172 | Hig | 0.57 | 8.8 | 0.02 | Feb 26, 2020 | A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability… | ||
| CVE-2019-1901 | Hig | 0.57 | 8.8 | 0.01 | Jul 31, 2019 | A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code… | ||
| CVE-2019-1599 | Hig | 0.57 | 8.6 | 0.14 | Mar 7, 2019 | A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack.… | ||
| CVE-2018-0395 | Hig | 0.57 | 8.8 | 0.01 | Oct 17, 2018 | A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is… | ||
| CVE-2018-0303 | Hig | 0.57 | 8.8 | 0.01 | Jun 21, 2018 | A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability… | ||
| CVE-2018-0330 | Hig | 0.57 | 8.8 | 0.03 | Jun 20, 2018 | A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly… |
- risk 0.65cvss 9.8epss 0.18
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the…
- risk 0.64cvss 9.8epss 0.02
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create,…
- risk 0.64cvss 9.8epss 0.06
A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affected software insufficiently…
- risk 0.64cvss 9.8epss 0.06
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because…
- risk 0.64cvss 9.8epss 0.06
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software…
- risk 0.64cvss 9.8epss 0.09
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root. The…
- risk 0.58cvss 8.8epss 0.15
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker…
- risk 0.58cvss 8.8epss 0.05
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device.…
- risk 0.57cvss 8.8epss 0.00
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This…
- risk 0.57cvss 8.6epss 0.12
A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming…
- risk 0.57cvss 8.6epss 0.12
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is…
- risk 0.57cvss 8.8epss 0.00
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an…
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to…
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of…
- risk 0.57cvss 8.8epss 0.02
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability…
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code…
- risk 0.57cvss 8.6epss 0.14
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack.…
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is…
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability…
- risk 0.57cvss 8.8epss 0.03
A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly…
Page 1 of 7