VYPR

NX-OS Software

by Cisco Systems, Inc.

CVEs (136)

  • CVE-2019-1611MedMar 11, 2019
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed…

  • CVE-2019-1610MedMar 11, 2019
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI…

  • CVE-2019-1608MedMar 8, 2019
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI…

  • CVE-2018-0294MedJun 20, 2018
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not…

  • CVE-2017-12301MedOct 19, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient…

  • CVE-2020-3120MedFeb 5, 2020
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.…

  • CVE-2019-1732MedMay 15, 2019
    risk 0.42cvss 6.4epss 0.00

    A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to…

  • CVE-2018-0331MedJun 21, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability…

  • CVE-2018-0291MedJun 20, 2018
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper…

  • CVE-2019-1729MedMay 15, 2019
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are…

  • CVE-2021-1591MedAug 25, 2021
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the EtherChannel port subscription logic of Cisco Nexus 9500 Series Switches could allow an unauthenticated, remote attacker to bypass access control list (ACL) rules that are configured on an affected device. This vulnerability is due to oversubscription of…

  • CVE-2021-1229MedFeb 24, 2021
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error…

  • CVE-2021-1389MedFeb 4, 2021
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list (ACL) that is configured for an interface of an affected device. The…

  • CVE-2025-20290MedAug 27, 2025
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric…

  • CVE-2019-1734MedNov 5, 2019
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional…

  • CVE-2023-20115MedAug 23, 2023
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. …

  • CVE-2021-1590MedAug 25, 2021
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a…

  • CVE-2020-3170MedFeb 26, 2020
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API.…

  • CVE-2019-1969MedAug 30, 2019
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP…

  • CVE-2019-1733MedMay 15, 2019
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to…

Page 6 of 7