Nx-os Security Vulnerabilities and Issues — Nx-os CVE List

Lucene search

CiscoNx-os

12 matches found

CVE•added 2014/05/26 12:25 a.m.•55 views

CVE-2013-1191

Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.

7.1CVSS6.7AI score0.00891EPSS

CVE•added 2014/05/07 10:55 a.m.•54 views

CVE-2014-0684

Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136.

4.6CVSS6.3AI score0.00208EPSS

CVE•added 2014/05/20 11:13 a.m.•50 views

CVE-2013-6975

Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.

4.6CVSS6.5AI score0.00033EPSS

CVE•added 2014/05/26 12:25 a.m.•48 views

CVE-2014-2200

Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629.

7.1CVSS6.7AI score0.00657EPSS

CVE•added 2014/05/26 12:25 a.m.•46 views

CVE-2014-2201

The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915.

7.8CVSS6.5AI score0.0071EPSS

CVE•added 2014/01/22 9:55 p.m.•45 views

CVE-2014-0677

The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed Hello messages, aka Bug ID CSCul88851.

5CVSS6.8AI score0.01295EPSS

CVE•added 2014/01/08 9:55 p.m.•44 views

CVE-2013-6982

The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174.

4.3CVSS6.7AI score0.01292EPSS

CVE•added 2014/01/22 9:55 p.m.•43 views

CVE-2014-0676

Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367.

6.8CVSS6.6AI score0.00084EPSS

CVE•added 2014/05/26 12:25 a.m.•42 views

CVE-2014-3261

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devi...

7.6CVSS7.8AI score0.0082EPSS

CVE•added 2014/08/19 11:16 a.m.•42 views

CVE-2014-3341

The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.

5CVSS6.9AI score0.2449EPSS

CVE•added 2014/06/14 4:26 a.m.•37 views

CVE-2014-3295

The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.

4.8CVSS7.1AI score0.01123EPSS

CVE•added 2014/08/11 10:55 p.m.•34 views

CVE-2014-3330

Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489.

5CVSS6.8AI score0.00179EPSS