Lucene search
K

21 matches found

OSV
OSV
added 2018/06/21 11:29 a.m.3 views

CVE-2018-0303

A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service DoS condition on the affected device. The vulnerability exists because of...

8.8CVSS6.4AI score0.01149EPSS
Exploits0References2
OSV
OSV
added 2018/06/20 9:29 p.m.4 views

CVE-2018-0304

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service DoS condition, or execute arbitrary code as root. The vulnerability exists because th...

9.8CVSS6.4AI score
Exploits0References3
Prion
Prion
added 2018/06/20 9:29 p.m.24 views

Buffer overflow

A vulnerability in the Cisco Fabric Services CFS component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric...

7.5CVSS9.7AI score0.05958EPSS
Exploits0References3Affected Software5
OSV
OSV
added 2018/06/20 9:29 p.m.4 views

CVE-2018-0307

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting...

7.8CVSS6AI score0.00564EPSS
Exploits0References2
OSV
OSV
added 2018/06/20 9:29 p.m.3 views

CVE-2018-0308

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service DoS condition. The vulnerability exists because the affected software insufficiently...

9.8CVSS6.4AI score
Exploits0References3
Prion
Prion
added 2018/06/20 9:29 p.m.16 views

Command injection

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting...

7.2CVSS7.7AI score0.00564EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2018/06/20 9:0 p.m.11 views

CVE-2018-0294

A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete...

7AI score0.00466EPSS
Exploits0References2
CNVD
CNVD
added 2017/12/04 12:0 a.m.4 views

Multiple Cisco Products Cisco NX-OS System Software Arbitrary File Read Vulnerability

Cisco Multilayer Director Switches are products of Cisco Corporation.Cisco Multilayer Director Switches are switches.Nexus 2000 Series Fabric Extenders are Nexus 2000 Series Array Extenders.NX-OS System Software is a set of operating systems used in them.CLI is a command line program used in...

6CVSS6.9AI score0.00377EPSS
Exploits0References1
OSV
OSV
added 2017/11/30 9:29 a.m.2 views

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

6.3CVSS6AI score0.00935EPSS
Exploits0References3
Prion
Prion
added 2017/11/30 9:29 a.m.15 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...

4.6CVSS6.3AI score0.007EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2017/11/30 9:29 a.m.13 views

Design/Logic Flaw

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.9CVSS4.7AI score0.00325EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2017/11/30 9:29 a.m.20 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...

4.6CVSS6.8AI score0.01102EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/11/30 9:29 a.m.3 views

CVE-2017-12330

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...

6.3CVSS6AI score0.01102EPSS
Exploits0References3
Prion
Prion
added 2017/11/30 9:29 a.m.12 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...

7.2CVSS6.9AI score0.0068EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2017/11/30 9:29 a.m.18 views

Command injection

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

4.6CVSS7AI score0.00935EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/11/30 9:29 a.m.23 views

CVE-2017-12342

A vulnerability in the Open Agent Container OAC feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could...

6.8CVSS6.5AI score0.00382EPSS
Exploits0References3
OSV
OSV
added 2017/11/30 9:29 a.m.3 views

CVE-2017-12342

A vulnerability in the Open Agent Container OAC feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could...

6.8CVSS5.8AI score0.00382EPSS
Exploits0References3
OSV
OSV
added 2017/11/30 9:29 a.m.6 views

CVE-2017-12332

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.4CVSS5.9AI score0.00325EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.34 views

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...

6.9AI score0.00935EPSS
Exploits0References3
CVE
CVE
added 2017/11/30 9:0 a.m.70 views

CVE-2017-12332

CVE-2017-12332 affects Cisco NX-OS System Software on multiple Cisco Nexus series switches and UCS Manager. The issue stems from insufficient restrictions in the patch installation process, allowing an authenticated, local attacker with valid administrator credentials to install a crafted patch i...

4.9CVSS4.6AI score0.00325EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder