Lucene search
K

67 matches found

Prion
Prion
added 2018/06/20 9:29 p.m.24 views

Design/Logic Flaw

A vulnerability in the NX-API management application programming interface API in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain...

6.5CVSS8.8AI score0.02792EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/06/20 9:29 p.m.24 views

Buffer overflow

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authentication module of the...

10CVSS9.8AI score0.1767EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/06/20 9:29 p.m.22 views

CVE-2018-0330

A vulnerability in the NX-API management application programming interface API in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain...

8.8CVSS8.9AI score0.02792EPSS
Exploits0References2
CVE
CVE
added 2018/06/20 9:0 p.m.55 views

CVE-2018-0330

The CVE-2018-0330 issue concerns the NX-API management API in Cisco NX-OS Software. Affected devices include Cisco MDS 9000, Nexus 2000/3000/3500/5500/5600/6000/7000/7700 series, and NX-OS in standalone mode. Root cause: improper validation of parameters within NX-API requests, enabling an authen...

8.8CVSS8.9AI score0.02792EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/06/20 9:0 p.m.60 views

CVE-2018-0301

The CVE-2018-0301 entry describes a vulnerability in Cisco NX-OS NX-API where an unauthenticated remote attacker can send crafted HTTP/HTTPS packets to the management interface, triggering a buffer overflow due to improper input validation in the NX-API authentication module. This could allow arb...

10CVSS9.7AI score0.1767EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/06/20 9:0 p.m.20 views

CVE-2018-0330

A vulnerability in the NX-API management application programming interface API in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain...

9AI score0.02792EPSS
Exploits0References2
Cisco
Cisco
added 2018/06/20 4:0 p.m.95 views

Cisco NX-OS Software NX-API Arbitrary Command Execution Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. The vulnerability is due to incorrect input validation of user-supplied...

8.8CVSS2AI score0.03996EPSS
Exploits0References1
Rows per page
Query Builder