EUVD-2026-31135

A vulnerability in the Border Gateway Protocol BGP enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service DoS condition...

CVE-2026-20010

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of specific...

Cisco UCS Manager Software Privilege Escalation Vulnerability

A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system. This vulnerability exists because unnecessary privileges are given to the...

Security Bulletin: Vulnerability in NX-OS Firmware and DCNM Software used by IBM c-type SAN directors and switches.

Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code and NDFC code levels listed below. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: A timing...

Cisco Nexus 3000 9000 Series Switches Protocol Independent Multicast Version 6 DoS (cisco-sa-nxospc-pim6-vG4jFPh)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. - A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticate...

EUVD-2022-25900

Malicious code in bioql PyPI...

Vulnerabilities fixed in Cisco NX-OS Software

Cisco has fixed vulnerabilities in Cisco NX-OS Software for Nexus 3000 and 9000 Series Switches. The vulnerabilities are in several features of the Cisco NX-OS Software, including IS-IS, PIM6, logging, command-line interface CLI, and the REST API of the Nexus Dashboard. These vulnerabilities can ...

CVE-2025-20290

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

CVE-2025-20241 Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol <TBD> Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System IS-IS feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly...

CVE-2025-20241

CVE-2025-20241 affects Cisco NX-OS Software on Nexus 3000 and Nexus 9000 Series switches (standalone NX-OS mode). The issue is caused by insufficient input validation when parsing ingress IS-IS packets, allowing an unauthenticated, Layer-2-adjacent attacker to trigger an IS-IS process restart and...

CVE-2025-20290 Cisco NXOS Software Sensitive Log Information Disclosure Vulnerability

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

CVE-2025-20292 Cisco NXOS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...

PT-2025-34890 · Cisco · Cisco Nx-Os

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an...

CVE-2024-20284

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of...

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a suite of data center-grade operating system software used by switches from Cisco USA. A security vulnerability exists in Cisco NX-OS Software that stems from insufficient validation of parameters for specific CLI commands. An attacker exploiting this vulnerability could...

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a suite of data center-grade operating system software used by switches from Cisco USA. A security vulnerability exists in Cisco NX-OS Software that originates from insufficient validation of user-supplied input. An attacker could exploit the vulnerability to execute...

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. An elevation of privilege vulnerability exists in Cisco NX-OS Software, which stems from insufficient security restrictions when executing application parameters from a Bas...

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. Cisco NX-OS Software has an authorization issue vulnerability that stems from insufficient security restrictions when executing commands from the Bash shell. An attacker...

CVE-2024-20294

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of specific fields i...

Vulnerabilities fixed in Cisco Nexus

Cisco has fixed vulnerabilities in NX-OS, as in use on various Nexus platforms. A malicious party could exploit them to bypass security measures to allow allow unauthorized network traffic to pass through, or to cause a denial-of-service attack. Cisco has released updates to fix the vulnerabiliti...