VYPR

NX-OS Software

by Cisco Systems, Inc.

CVEs (136)

  • CVE-2024-20397MedDec 4, 2024
    risk 0.34cvss 5.2epss 0.00

    A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This…

  • CVE-2020-3174MedFeb 26, 2020
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability…

  • CVE-2023-20050MedFeb 23, 2023
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific…

  • CVE-2019-1808MedMay 15, 2019
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of…

  • CVE-2019-1731MedMay 15, 2019
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device…

  • CVE-2022-20625MedFeb 23, 2022
    risk 0.28cvss 4.3epss 0.03

    A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper…

  • CVE-2021-1367MedFeb 24, 2021
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An…

  • CVE-2019-1612MedMar 11, 2019
    risk 0.27cvss 4.2epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI…

  • CVE-2024-20399KEVJul 1, 2024
    risk 0.12cvss epss 0.04

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation…

  • CVE-2024-20291Feb 28, 2024
    risk 0.01cvss epss 0.01

    A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device. …

  • CVE-2024-20284Aug 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient…

  • CVE-2024-20285Aug 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient…

  • CVE-2024-20286Aug 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient…

  • CVE-2024-20294Feb 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper…

  • CVE-2024-20267Feb 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability…

  • CVE-2024-20321Feb 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped…

Page 7 of 7