CVE-2019-12700

A vulnerability in the configuration of the Pluggable Authentication Module PAM used in Cisco Firepower Threat Defense FTD Software, Cisco Firepower Management Center FMC Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. Th...

Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute commands on the underlying operating system OS with root privileges. These vulnerabilities are due to insufficient input validation. A...

CVE-2019-1963

Cisco FXOS and NX-OS Software are affected by CVE-2019-1963 in the SNMP input packet processor. The issue arises from improper validation of ASN.1-encoded SNMP variables, allowing an authenticated, remote attacker to trigger the SNMP daemon to restart, potentially causing multiple restarts and a ...

CVE-2019-1780

CVE-2019-1780 is a Cisco FXOS/NX-OS command-injection vulnerability in the CLI caused by insufficient validation of arguments passed to certain CLI commands. An authenticated local attacker with administrator credentials can exploit this to execute arbitrary commands on the underlying operating s...

Design/Logic Flaw

A vulnerability in the Simple Network Management Protocol SNMP input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly...

CVE-2019-1858

Summary (CVE-2019-1858) : A vulnerability in the SNMP input packet processor on Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, leading to repeated restarts and a DoS condition. Root cause is imprope...

CVE-2019-1781

CVE-2019-1781 affects Cisco FXOS and Cisco NX-OS Software. The issue is a CLI input-validation flaw in certain commands that allows an authenticated, local attacker to pass malicious input and execute arbitrary commands on the device’s underlying OS with elevated privileges. Affected components a...

CVE-2019-1728

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of...

PT-2019-2152 · Cisco · Cisco Nx-Os +2

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software affected versions not specified Cisco NX-OS Software affected versions not specified Description: A vulnerability in the Simple Network Management Protocol SNMP input packet processor could allow an unauthenticated, remote...

CVE-2019-1600

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system...

CVE-2019-1598

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol LDAP feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...

CVE-2019-1598

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol LDAP feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...

CVE-2019-1597

CVE-2019-1597 describes multiple LDAP parsing flaws in Cisco FXOS/NX-OS that permit an unauthenticated, remote attacker to force a device reload and DoS by sending a BER-crafted LDAP packet from a configured LDAP server IP. Affected product families and versions include: Firepower 4100 series: &l...

CVE-2018-0395 Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol LLDP implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition when the device unexpectedly reloads. The vulnerability is due to improper input...

Input validation

A vulnerability in the Link Layer Discovery Protocol LLDP implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition when the device unexpectedly reloads. The vulnerability is due to improper input...

PT-2018-1743 · Cisco · Cisco Fxos +2

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software affected versions not specified Cisco NX-OS Software affected versions not specified Description: A vulnerability in the Link Layer Discovery Protocol LLDP implementation could allow an unauthenticated, adjacent attacker t...

Multiple Cisco Products FXOS Software and UCS Fabric Interconnect Software CLI Parser Input Validation Vulnerability

Cisco Firepower 4100 Series Next-Generation Firewall and so on are the products of the American Cisco company.Cisco Firepower 4100 Series Next-Generation Firewall is a firewall product.UCS 6200 Series Fabric Interconnects is a set of switch matrix dedicated to Cisco devices. FXOS Software is a se...

Buffer overflow

A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could...

CVE-2018-0305

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability exists because the affected software insufficiently validates...

CVE-2018-0303

A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service DoS condition on the affected device. The vulnerability exists because of...