67 matches found
Cisco NX-OS Software NX-API Privilege Escalation (CVE-2018-0330)
A vulnerability in the NX-API management application programming interface API in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain...
Cisco NX-OS Software NX-API Command Injection (CVE-2022-20650)
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit thi...
CVE-2022-20650
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit thi...
CVE-2022-20650
CVE-2022-20650 affects Cisco NX-OS NX-API Command Injection. The issue arises from insufficient input validation in the NX-API, enabling an authenticated remote attacker to send a crafted HTTP POST to the NX-API and execute arbitrary commands with root privileges on the underlying OS. Impact is o...
Cisco NX-OS Software NX-API Command Injection Vulnerability
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit thi...
Cisco NX-OS Cross-Site Request Forgery Vulnerability
Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A cross-site request forgery CSRF vulnerability exists in the NX-API feature of Cisco NX-OS. The vulnerability stems from insufficient CSR...
CVE-2021-1227
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker cou...
CVE-2021-1227
Summary: CVE-2021-1227 is a CSRF vulnerability in Cisco NX-OS NX-API. An unauthenticated, remote attacker could coerce a user into following a malicious link to perform arbitrary actions with the affected user’s privileges, potentially viewing and modifying device configuration. The NX-API featur...
Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker cou...
The vulnerability of the NX-API network operating system function of Cisco NX-OS routers allows attackers to compromise the accessibility of protected information.
The vulnerability of the NX-API network operating system of Cisco NX-OS routers is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to compromise the accessibility of protected information...
Cisco NX-OS Software NX-API Denial of Service Vulnerability
A denial of service DoS vulnerability exists in the NX-API feature of Cisco NX-OS due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An unauthenticated, remote attacker can exploit this issue, via a specially crafted HTTP request to NX-API, to cause the NX-API...
CVE-2020-3170 Cisco NX-OS Software NX-API Denial of Service Vulnerability
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...
CVE-2020-3170
The CVE-2020-3170 entry covers Cisco NX-OS Software NX-API Denial of Service. Affected component: NX-API feature. Root cause: incorrect validation of the HTTP header in requests to NX-API. Impact: unauthenticated, remote attacker can cause the NX-API system process to restart, resulting in a DoS ...
Cisco NX-OS Software NX-API Denial of Service Vulnerability
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...
Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability
According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the NX-API feature of Cisco NX-OS Software that could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API...
Cisco NX-OS Software Privilege Escalation Vulnerability
According to its self-reported version, Cisco NX-OS Software is affected by following vulnerability - A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to...
CVE-2019-1968
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...
CVE-2019-1968
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...
Design/Logic Flaw
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...
CVE-2019-1968 Cisco NX-OS Software NX-API Denial of Service Vulnerability
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...