Lucene search
K

67 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.26 views

Cisco NX-OS Software NX-API Privilege Escalation (CVE-2018-0330)

A vulnerability in the NX-API management application programming interface API in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain...

8.8CVSS8.2AI score0.02792EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.31 views

Cisco NX-OS Software NX-API Command Injection (CVE-2022-20650)

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit thi...

9CVSS8.6AI score0.1455EPSS
Exploits0References2
NVD
NVD
added 2022/02/23 6:15 p.m.23 views

CVE-2022-20650

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit thi...

9CVSS0.1455EPSS
Exploits0References1
CVE
CVE
added 2022/02/23 5:40 p.m.145 views

CVE-2022-20650

CVE-2022-20650 affects Cisco NX-OS NX-API Command Injection. The issue arises from insufficient input validation in the NX-API, enabling an authenticated remote attacker to send a crafted HTTP POST to the NX-API and execute arbitrary commands with root privileges on the underlying OS. Impact is o...

9CVSS8.9AI score0.1455EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2022/02/23 4:0 p.m.52 views

Cisco NX-OS Software NX-API Command Injection Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit thi...

8.8CVSS8.9AI score0.1455EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/25 12:0 a.m.8 views

Cisco NX-OS Cross-Site Request Forgery Vulnerability

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A cross-site request forgery CSRF vulnerability exists in the NX-API feature of Cisco NX-OS. The vulnerability stems from insufficient CSR...

8.1CVSS7AI score0.00668EPSS
Exploits0References1
NVD
NVD
added 2021/02/24 8:15 p.m.12 views

CVE-2021-1227

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker cou...

8.1CVSS0.00668EPSS
Exploits0References1
CVE
CVE
added 2021/02/24 7:30 p.m.81 views

CVE-2021-1227

Summary: CVE-2021-1227 is a CSRF vulnerability in Cisco NX-OS NX-API. An unauthenticated, remote attacker could coerce a user into following a malicious link to perform arbitrary actions with the affected user’s privileges, potentially viewing and modifying device configuration. The NX-API featur...

8.1CVSS8.3AI score0.00668EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2021/02/24 4:0 p.m.97 views

Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker cou...

8.1CVSS8.3AI score0.00668EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/04/06 12:0 a.m.4 views

The vulnerability of the NX-API network operating system function of Cisco NX-OS routers allows attackers to compromise the accessibility of protected information.

The vulnerability of the NX-API network operating system of Cisco NX-OS routers is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to compromise the accessibility of protected information...

5.3CVSS5.9AI score0.01449EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/03/05 12:0 a.m.33 views

Cisco NX-OS Software NX-API Denial of Service Vulnerability

A denial of service DoS vulnerability exists in the NX-API feature of Cisco NX-OS due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An unauthenticated, remote attacker can exploit this issue, via a specially crafted HTTP request to NX-API, to cause the NX-API...

5.3CVSS5.8AI score0.01449EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2020/02/26 4:50 p.m.16 views

CVE-2020-3170 Cisco NX-OS Software NX-API Denial of Service Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...

5.3CVSS7AI score0.01449EPSS
Exploits0References1
CVE
CVE
added 2020/02/26 4:50 p.m.96 views

CVE-2020-3170

The CVE-2020-3170 entry covers Cisco NX-OS Software NX-API Denial of Service. Affected component: NX-API feature. Root cause: incorrect validation of the HTTP header in requests to NX-API. Impact: unauthenticated, remote attacker can cause the NX-API system process to restart, resulting in a DoS ...

5.3CVSS5.3AI score0.01449EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2020/02/26 4:0 p.m.26 views

Cisco NX-OS Software NX-API Denial of Service Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...

5.3CVSS1.6AI score0.01449EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/12/20 12:0 a.m.29 views

Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the NX-API feature of Cisco NX-OS Software that could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API...

7.8CVSS8.2AI score0.0054EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.31 views

Cisco NX-OS Software Privilege Escalation Vulnerability

According to its self-reported version, Cisco NX-OS Software is affected by following vulnerability - A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to...

7.8CVSS7.4AI score0.00372EPSS
Exploits0References4
NVD
NVD
added 2019/08/30 9:15 a.m.20 views

CVE-2019-1968

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...

7.5CVSS6.1AI score0.01768EPSS
Exploits0References1
OSV
OSV
added 2019/08/30 9:15 a.m.4 views

CVE-2019-1968

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...

7.5CVSS5.8AI score0.01768EPSS
Exploits0References1
Prion
Prion
added 2019/08/30 9:15 a.m.21 views

Design/Logic Flaw

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...

5CVSS7.4AI score0.01768EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2019/08/29 9:50 p.m.11 views

CVE-2019-1968 Cisco NX-OS Software NX-API Denial of Service Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...

5.3CVSS7.3AI score0.01768EPSS
Exploits0References1
Rows per page
Query Builder