Nx-os@8.2 Security Vulnerabilities and Issues — Nx-os@8.2 CVE List

Lucene search

CiscoNx-os8.2

22 matches found

CVE•added 2019/08/30 9:15 a.m.•79 views

CVE-2019-1967

A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a ...

8.6CVSS7.7AI score0.02573EPSS

CVE•added 2019/05/16 5:29 p.m.•61 views

CVE-2019-1780

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insuffi...

7.2CVSS5.7AI score0.0006EPSS

CVE•added 2019/05/15 8:29 p.m.•60 views

CVE-2019-1774

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could...

7.2CVSS6.6AI score0.00107EPSS

CVE•added 2018/06/20 9:29 p.m.•59 views

CVE-2018-0307

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting mali...

7.8CVSS7.8AI score0.00134EPSS

CVE•added 2019/03/08 6:29 p.m.•59 views

CVE-2019-1601

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker could ...

7.8CVSS7.7AI score0.00066EPSS

CVE•added 2019/05/15 8:29 p.m.•58 views

CVE-2019-1790

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to cer...

7.2CVSS6.6AI score0.00107EPSS

CVE•added 2018/06/21 11:29 a.m.•57 views

CVE-2018-0331

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure...

6.5CVSS6.4AI score0.00319EPSS

CVE•added 2019/05/15 8:29 p.m.•57 views

CVE-2019-1779

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments p...

7.2CVSS5.7AI score0.00082EPSS

CVE•added 2019/05/15 11:29 p.m.•57 views

CVE-2019-1809

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures ...

6.7CVSS6.3AI score0.00023EPSS

CVE•added 2019/03/11 10:0 p.m.•55 views

CVE-2019-1616

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attac...

8.6CVSS7.9AI score0.00843EPSS

CVE•added 2019/03/08 8:29 p.m.•54 views

CVE-2019-1608

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could ...

7.2CVSS5.7AI score0.00082EPSS

CVE•added 2019/03/08 8:29 p.m.•54 views

CVE-2019-1609

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could ...

7.2CVSS5.7AI score0.00261EPSS

CVE•added 2019/03/07 8:29 p.m.•51 views

CVE-2019-1600

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system per...

6.7CVSS4.6AI score0.00131EPSS

CVE•added 2019/05/15 5:29 p.m.•50 views

CVE-2019-1728

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of sys...

7.2CVSS6.4AI score0.00105EPSS

CVE•added 2019/05/15 8:29 p.m.•50 views

CVE-2019-1775

7.2CVSS6.6AI score0.00107EPSS

CVE•added 2019/05/15 11:29 p.m.•49 views

CVE-2019-1808

6.7CVSS4.7AI score0.00086EPSS

CVE•added 2019/08/30 9:15 a.m.•49 views

CVE-2019-1968

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exp...

7.5CVSS6.2AI score0.00436EPSS

CVE•added 2018/06/20 9:29 p.m.•48 views

CVE-2018-0301

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authentication module of the NX...

10CVSS9.7AI score0.02685EPSS

CVE•added 2019/05/15 5:29 p.m.•48 views

CVE-2019-1727

A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. The vulnerability is due to insufficient sanitization of user-supplied parameter...

7.2CVSS5.8AI score0.00134EPSS

CVE•added 2017/10/19 8:29 a.m.•47 views

CVE-2017-3883

A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA proce...

8.6CVSS8.5AI score0.02619EPSS

CVE•added 2018/06/20 9:29 p.m.•44 views

CVE-2018-0330

A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain param...

8.8CVSS8.9AI score0.00154EPSS

CVE•added 2019/03/11 10:0 p.m.•38 views

CVE-2019-1614

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to incorrect input validation of user-supplied data by the NX-API subsystem. An attacker could exploit this vulner...

9CVSS9AI score0.01897EPSS