Nx-os@8.1(0)bd(0.20) Security Vulnerabilities and Issues — Nx-os@8.1(0)bd(0.20) CVE List

Lucene search

CiscoNx-os8.1(0)bd(0.20)

10 matches found

CVE•added 2017/10/19 8:29 a.m.•52 views

CVE-2017-12301

A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient sanitization of user-supplie...

7.2CVSS6.7AI score0.0011EPSS

CVE•added 2017/11/30 9:29 a.m.•48 views

CVE-2017-12329

A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacke...

6.3CVSS6.8AI score0.00377EPSS

CVE•added 2017/11/30 9:29 a.m.•48 views

CVE-2017-12330

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting c...

6.3CVSS6.8AI score0.00377EPSS

CVE•added 2017/11/30 9:29 a.m.•47 views

CVE-2017-12351

A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due to ...

5.7CVSS5.4AI score0.00066EPSS

CVE•added 2017/11/30 9:29 a.m.•46 views

CVE-2017-12332

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installing ...

4.9CVSS4.6AI score0.00084EPSS

CVE•added 2017/11/30 9:29 a.m.•45 views

CVE-2017-12335

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arg...

6.3CVSS6.9AI score0.00275EPSS

CVE•added 2017/11/30 9:29 a.m.•45 views

CVE-2017-12336

A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient input validation...

4.6CVSS5.1AI score0.00045EPSS

CVE•added 2017/11/30 9:29 a.m.•43 views

CVE-2017-12334

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation of command argument...

7.2CVSS6.9AI score0.00106EPSS

CVE•added 2017/11/30 9:29 a.m.•41 views

CVE-2017-12338

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted com...

6CVSS5.8AI score0.00077EPSS

CVE•added 2017/11/30 9:29 a.m.•41 views

CVE-2017-12339

5.7CVSS6.3AI score0.00138EPSS