Lucene search

K

Fxos Security Vulnerabilities

cve
cve

CVE-2024-20294

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific...

6.6CVSS

6.5AI Score

0.0004EPSS

2024-02-29 01:43 AM
90
cve
cve

CVE-2023-20200

A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS)...

7.7CVSS

6.3AI Score

0.001EPSS

2023-08-23 07:15 PM
77
cve
cve

CVE-2023-20234

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command...

6CVSS

6AI Score

0.0004EPSS

2023-08-23 07:15 PM
65
cve
cve

CVE-2023-20016

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup...

6.5CVSS

6.4AI Score

0.0004EPSS

2023-02-23 08:15 PM
24
cve
cve

CVE-2022-20934

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI...

6.7CVSS

6.9AI Score

0.0004EPSS

2022-11-15 09:15 PM
45
5
cve
cve

CVE-2022-20865

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of.....

6.7CVSS

6.6AI Score

0.0004EPSS

2022-08-25 07:15 PM
25
4
cve
cve

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message....

10CVSS

9.8AI Score

0.975EPSS

2021-12-10 10:15 AM
3601
In Wild
399
cve
cve

CVE-2021-34714

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due.....

7.4CVSS

7.4AI Score

0.001EPSS

2021-09-23 03:15 AM
35
cve
cve

CVE-2020-3459

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this...

7.8CVSS

7.7AI Score

0.0004EPSS

2020-10-21 07:15 PM
21
cve
cve

CVE-2020-3455

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into.....

7.8CVSS

7.4AI Score

0.0004EPSS

2020-10-21 07:15 PM
33
cve
cve

CVE-2020-3545

A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this...

6.7CVSS

6.9AI Score

0.0004EPSS

2020-09-04 03:15 AM
33
cve
cve

CVE-2020-3171

A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input...

7.8CVSS

7.8AI Score

0.0004EPSS

2020-02-26 05:15 PM
42
cve
cve

CVE-2020-3169

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a...

6.7CVSS

6.8AI Score

0.0004EPSS

2020-02-26 05:15 PM
46
cve
cve

CVE-2020-3166

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted...

6.7CVSS

6.3AI Score

0.0004EPSS

2020-02-26 05:15 PM
69
cve
cve

CVE-2020-3120

A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is.....

6.5CVSS

6.7AI Score

0.001EPSS

2020-02-05 06:15 PM
87
cve
cve

CVE-2019-12699

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input...

7.8CVSS

7.7AI Score

0.0004EPSS

2019-10-02 07:15 PM
33
cve
cve

CVE-2019-1858

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly.....

8.6CVSS

8.3AI Score

0.002EPSS

2019-05-16 02:29 AM
42
cve
cve

CVE-2019-1700

A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS)...

6.1CVSS

6.3AI Score

0.001EPSS

2019-02-21 09:29 PM
27
cve
cve

CVE-2018-0311

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates....

7.5CVSS

7.8AI Score

0.001EPSS

2018-06-21 11:29 AM
33
cve
cve

CVE-2018-0302

A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could...

7.8CVSS

7.9AI Score

0.0004EPSS

2018-06-21 11:29 AM
23
cve
cve

CVE-2018-0310

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because.....

9.8CVSS

9.4AI Score

0.003EPSS

2018-06-21 11:29 AM
31
cve
cve

CVE-2018-0331

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a...

6.5CVSS

6.4AI Score

0.001EPSS

2018-06-21 11:29 AM
28
cve
cve

CVE-2018-0305

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability exists because the affected software insufficiently...

8.6CVSS

8.7AI Score

0.001EPSS

2018-06-21 11:29 AM
23
cve
cve

CVE-2018-0298

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this...

7.5CVSS

7.8AI Score

0.001EPSS

2018-06-21 11:29 AM
24
cve
cve

CVE-2018-0303

A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of...

8.8CVSS

9AI Score

0.001EPSS

2018-06-21 11:29 AM
35
cve
cve

CVE-2018-0300

A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary...

7.2CVSS

7.3AI Score

0.008EPSS

2018-06-21 11:29 AM
18
cve
cve

CVE-2018-0312

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected...

9.8CVSS

9.9AI Score

0.035EPSS

2018-06-20 09:29 PM
27
cve
cve

CVE-2018-0294

A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete...

6.7CVSS

6.6AI Score

0.0004EPSS

2018-06-20 09:29 PM
28
cve
cve

CVE-2018-0304

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root. The vulnerability exists because...

9.8CVSS

9.8AI Score

0.035EPSS

2018-06-20 09:29 PM
35
cve
cve

CVE-2018-0314

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric....

9.8CVSS

9.8AI Score

0.025EPSS

2018-06-20 09:29 PM
24
cve
cve

CVE-2018-0308

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software insufficiently...

9.8CVSS

9.9AI Score

0.035EPSS

2018-06-20 09:29 PM
31
cve
cve

CVE-2017-12329

A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An...

6.3CVSS

6.8AI Score

0.0004EPSS

2017-11-30 09:29 AM
25
cve
cve

CVE-2017-3883

A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA...

8.6CVSS

8.5AI Score

0.002EPSS

2017-10-19 08:29 AM
28