3 matches found
Cisco NX-OS Software Call Home Command Injection (cisco-sa-callhome-cmdinj-zkxzSCY)
According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient input validation of specific Call Home configuration parameters when configured for transport method HTTP. An authenticated, remote attacker could modify parameters...
CVE-2020-3454
CVE-2020-3454 – Cisco NX-OS Call Home command injection is a network-remote flaw in the Call Home feature of Cisco NX-OS Software. The issue stems from insufficient input validation of Call Home configuration parameters when using HTTP, allowing an authenticated, remote attacker to modify setting...
Cisco Patches 'High-Severity' Bugs Impacting Switches, Fibre Storage
Cisco Systems disclosed eight high-severity bugs impacting a range of its networking gear, including its switches and fiber storage solutions. Cisco’s NX-OS was hardest hit, with six security alerts tied to the network operating system that underpins the networking giant’s Nexus-series Ethernet...