Skip to main content

Nx Os

268 CVEs product

Monthly

CVE-2017-6649 HIGH This Week

A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-3879 MEDIUM This Month

A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
5.3
EPSS
0.9%
CVE-2017-3878 MEDIUM This Month

A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
5.3
EPSS
0.9%
CVE-2017-3875 MEDIUM This Month

An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Nx Os
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-3804 MEDIUM This Month

A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD VulDB
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-6457 MEDIUM This Month

A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow Application Policy Infrastructure Controller Nx Os
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2016-1454 MEDIUM This Month

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2016-1453 CRITICAL Act Now

Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 26.1% and no vendor patch available.

Cisco Buffer Overflow RCE Nx Os
NVD
CVSS 3.1
9.8
EPSS
26.1%
CVE-2015-6393 HIGH This Week

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2015-0721 HIGH This Week

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2015-6392 HIGH This Week

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2016-1455 HIGH This Week

Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nx Os
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2016-1465 MEDIUM This Month

Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco VMware Nx Os
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2016-1409 HIGH This Week

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service iOS Ios Xe +2
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2016-1351 HIGH This Week

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service iOS Nx Os
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2015-0718 HIGH This Week

Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Computing System Nx Os Jr6150 Firmware +4
NVD
CVSS 3.0
7.5
EPSS
6.0%
CVE-2016-1341 CRITICAL Act Now

Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Nx Os
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2016-1302 HIGH This Week

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass X14J Firmware Opensolaris Gs1900 10Hp Firmware +2
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2015-6394 MEDIUM This Month

The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows local users to cause a denial of service (device crash) via crafted USB parameters, aka Bug ID CSCus89408. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2015-6308 MEDIUM This Month

Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated users to cause a denial of service (temporary SNMP outage) via an SNMP request for an OID that does not exist, aka Bug ID. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2015-6295 MEDIUM This Month

Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
4.8
EPSS
0.6%
CVE-2015-6277 MEDIUM This Month

The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco VMware Nx Os San Os +2
NVD
CVSS 2.0
6.1
EPSS
0.4%
CVE-2015-4323 MEDIUM This Month

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow VMware Nx Os +1
NVD
CVSS 2.0
6.1
EPSS
0.8%
CVE-2015-4296 MEDIUM This Month

Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software 6.0(2)A6(1) allows remote attackers to cause a denial of service (Java process restart) via crafted connections to the Java. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Java Nx Os
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2015-4277 MEDIUM This Month

The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
4.9
EPSS
0.3%
CVE-2015-4324 MEDIUM This Month

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow VMware Nx Os
NVD
CVSS 2.0
6.1
EPSS
0.8%
CVE-2015-4301 MEDIUM This Month

Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-4235 CRITICAL Act Now

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Application Policy Infrastructure Controller Apic Nx Os
NVD
CVSS 2.0
9.0
EPSS
0.7%
CVE-2015-4237 MEDIUM This Month

The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Nx Os
NVD
CVSS 2.0
4.6
EPSS
0.2%
CVE-2015-4234 HIGH This Week

Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Cisco Python Privilege Escalation Nx Os
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-4232 MEDIUM This Month

Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
CVSS 2.0
4.6
EPSS
0.3%
CVE-2015-4231 LOW Monitor

The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Python Privilege Escalation Nx Os
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2015-4225 MEDIUM This Month

Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2015-4213 MEDIUM This Month

Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nx Os
NVD
CVSS 2.0
4.0
EPSS
0.7%
CVE-2015-4197 MEDIUM This Month

Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
6.1
EPSS
0.6%
CVE-2015-0775 MEDIUM This Month

The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os Nexus 1000V Mds 9000 Nx Os
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2015-0686 MEDIUM This Month

The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
6.3
EPSS
0.8%
CVE-2015-0658 HIGH This Week

The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary. Rated high severity (CVSS 7.9). No vendor patch available.

Cisco Information Disclosure Nx Os
NVD
CVSS 2.0
7.9
EPSS
0.5%
CVE-2014-8013 MEDIUM This Month

The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
4.9
EPSS
0.3%
CVE-2015-0582 MEDIUM This Month

The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to cause a denial of service via crafted traffic, aka Bug ID CSCuo09129. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2014-3341 MEDIUM This Month

The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.5% and no vendor patch available.

Cisco Information Disclosure Nx Os Nexus 5000 Nexus 5010 +12
NVD
CVSS 2.0
5.0
EPSS
19.5%
CVE-2014-3330 MEDIUM This Month

Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os Nexus 9000
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2014-3295 MEDIUM This Month

The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Authentication Bypass Nx Os
NVD
CVSS 2.0
4.8
EPSS
0.8%
CVE-2014-3261 HIGH This Week

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices,. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Buffer Overflow RCE Unified Computing System 6120Xp Fabric Interconnect Unified Computing System 6140Xp Fabric Interconnect +25
NVD
CVSS 2.0
7.6
EPSS
0.8%
CVE-2014-2201 HIGH This Week

The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os Nexus 7000 Nexus 7000 10 Slot +4
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2014-2200 HIGH This Week

Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
CVSS 2.0
7.1
EPSS
0.7%
CVE-2013-1191 HIGH This Week

Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Privilege Escalation Nx Os Nexus 7000 Nexus 7000 10 Slot +2
NVD
CVSS 2.0
7.1
EPSS
0.9%
CVE-2013-6975 MEDIUM This Month

Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Nx Os
NVD
CVSS 2.0
4.6
EPSS
0.0%
CVE-2014-0684 MEDIUM This Month

Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os Nexus 7000 Nexus 7000 10 Slot +2
NVD
CVSS 2.0
4.6
EPSS
0.2%
CVE-2014-0677 MEDIUM This Month

The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2014-0676 MEDIUM This Month

Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-6982 MEDIUM This Month

The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
4.3
EPSS
1.3%
CVE-2012-4135 MEDIUM This Month

Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Nx Os
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2012-4131 MEDIUM This Month

Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Nx Os
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-6683 MEDIUM This Month

The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
6.1
EPSS
0.8%
CVE-2013-5566 MEDIUM This Month

Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2012-4121 MEDIUM This Month

Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4099 MEDIUM This Month

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-4097 MEDIUM This Month

The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-4077 MEDIUM This Month

Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-4076 MEDIUM This Month

Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nx Os
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4141 MEDIUM This Month

Directory traversal vulnerability in the CLI parser in Cisco NX-OS allows local users to create arbitrary script files via a relative pathname in the "file name" parameter, aka Bug IDs CSCua71557 and. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Path Traversal Cisco Nx Os
NVD
CVSS 2.0
6.2
EPSS
0.2%
CVE-2012-4122 MEDIUM This Month

The CLI parser in Cisco NX-OS allows local users to bypass intended access restrictions, and overwrite or create arbitrary files, via shell output redirection, aka Bug IDs CSCts56672 and CSCts56669. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nx Os
NVD
CVSS 2.0
6.2
EPSS
0.1%
CVE-2012-4098 MEDIUM This Month

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2012-4091 MEDIUM This Month

The RIP service engine in Cisco NX-OS allows remote attackers to cause a denial of service (engine restart) via a malformed (1) RIPv4 or (2) RIPv6 message, aka Bug ID CSCtj73415. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
5.0
EPSS
1.4%
CVE-2012-4090 MEDIUM This Month

The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os Nexus 7000 Nexus 7000 10 Slot +2
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2012-4075 HIGH This Week

Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Nx Os
NVD
CVSS 2.0
7.2
EPSS
0.3%
CVE-2013-1121 MEDIUM This Month

The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service (device reload) via. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
5.4
EPSS
0.7%
CVE-2013-5496 MEDIUM This Month

Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
6.3
EPSS
0.2%
CVE-2013-0149 MEDIUM This Month

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Cisco iOS Ios Xe +5
NVD
CVSS 2.0
5.8
EPSS
0.8%
CVE-2013-3400 MEDIUM This Month

The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nx Os Nexus 1000V
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2013-1213 MEDIUM This Month

Cisco NX-OS on the Nexus 1000V does not assign the proper priority to heartbeat messages from a Virtual Ethernet Module (VEM) to a Virtual Supervisor Module (VSM), which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 1000V
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-1212 MEDIUM This Month

The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

VMware Information Disclosure Cisco Nx Os Nexus 1000V
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-1211 MEDIUM This Month

Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Cisco Authentication Bypass Nx Os
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-1210 MEDIUM This Month

Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow VMware Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
5.4
EPSS
0.7%
CVE-2013-1209 MEDIUM This Month

The encryption functionality in the Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication component in Cisco NX-OS on the Nexus 1000V does not properly authenticate VSM/VEM. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Nx Os
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2013-1208 MEDIUM This Month

The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Nx Os
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-1226 MEDIUM This Month

The Ethernet frame-forwarding implementation in Cisco NX-OS on Nexus 7000 devices allows remote attackers to cause a denial of service (forwarding loop and service outage) via a crafted frame, aka. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Nx Os Nexus 7000 +3
NVD
CVSS 2.0
6.1
EPSS
0.5%
CVE-2013-1181 HIGH This Week

Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 5548P Nexus 5548Up +9
NVD
CVSS 2.0
7.8
EPSS
0.8%
CVE-2013-1180 CRITICAL Act Now

Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Nx Os Nexus 7000 +4
NVD
CVSS 2.0
9.0
EPSS
4.4%
CVE-2013-1179 CRITICAL Act Now

Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Nx Os Nexus 7000 +4
NVD
CVSS 2.0
9.0
EPSS
4.4%
CVE-2013-1178 HIGH This Week

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Nx Os Nexus 7000 +25
NVD
CVSS 2.0
8.3
EPSS
1.6%
CVE-2013-1122 MEDIUM This Month

Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 7000
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6396 MEDIUM This Month

Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 7000 Nexus 7000 10 Slot +2
NVD
CVSS 2.0
4.9
EPSS
0.6%
CVE-2012-3051 MEDIUM This Month

Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 7000 Nexus 7000 10 Slot +2
NVD
CVSS 2.0
6.1
EPSS
0.5%
CVE-2012-1357 MEDIUM This Month

The igmp_snoop_orib_fill_source_update function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Nexus 5000 series switches allows remote attackers to cause a denial of service (device reload) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Nx Os Nexus 5000
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2012-2469 HIGH This Week

Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when the High Availability (HA) policy is configured for Reset, allows remote attackers to cause a denial of service (device reset). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 7000 Nexus 7000 10 Slot +2
NVD
CVSS 2.0
7.8
EPSS
0.8%
CVE-2012-0352 HIGH This Week

Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 1000V Nexus 5000 +9
NVD
CVSS 2.0
7.8
EPSS
0.4%
EPSS 1% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Nx Os
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 26% CVSS 9.8
CRITICAL Act Now

Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 26.1% and no vendor patch available.

Cisco Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nx Os
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco VMware +1
NVD
EPSS 5% CVSS 7.5
HIGH This Week

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service +4
NVD
EPSS 2% CVSS 7.5
HIGH This Week

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service +2
NVD
EPSS 6% CVSS 7.5
HIGH This Week

Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Computing System +6
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Nx Os
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass X14J Firmware +4
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows local users to cause a denial of service (device crash) via crafted USB parameters, aka Bug ID CSCus89408. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated users to cause a denial of service (temporary SNMP outage) via an SNMP request for an OID that does not exist, aka Bug ID. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco VMware +4
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow +3
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software 6.0(2)A6(1) allows remote attackers to cause a denial of service (Java process restart) via crafted connections to the Java. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Java +1
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow +2
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Application Policy Infrastructure Controller Apic +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Nx Os
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Cisco Python Privilege Escalation +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
EPSS 0% CVSS 3.6
LOW Monitor

The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Python Privilege Escalation +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
EPSS 1% CVSS 4.0
MEDIUM This Month

Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nx Os
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os +2
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 0% CVSS 7.9
HIGH This Week

The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary. Rated high severity (CVSS 7.9). No vendor patch available.

Cisco Information Disclosure Nx Os
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to cause a denial of service via crafted traffic, aka Bug ID CSCuo09129. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 19% CVSS 5.0
MEDIUM This Month

The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.5% and no vendor patch available.

Cisco Information Disclosure Nx Os +14
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Nx Os +1
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Authentication Bypass +1
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices,. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Buffer Overflow RCE +27
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os +6
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Privilege Escalation Nx Os
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Privilege Escalation Nx Os +4
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Nx Os
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os +4
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Nx Os
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Nx Os
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nx Os
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Directory traversal vulnerability in the CLI parser in Cisco NX-OS allows local users to create arbitrary script files via a relative pathname in the "file name" parameter, aka Bug IDs CSCua71557 and. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Path Traversal Cisco +1
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

The CLI parser in Cisco NX-OS allows local users to bypass intended access restrictions, and overwrite or create arbitrary files, via shell output redirection, aka Bug IDs CSCts56672 and CSCts56669. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Nx Os
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The RIP service engine in Cisco NX-OS allows remote attackers to cause a denial of service (engine restart) via a malformed (1) RIPv4 or (2) RIPv6 message, aka Bug ID CSCtj73415. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 1% CVSS 4.0
MEDIUM This Month

The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os +4
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Nx Os
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service (device reload) via. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Cisco +7
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nx Os +1
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Cisco NX-OS on the Nexus 1000V does not assign the proper priority to heartbeat messages from a Virtual Ethernet Module (VEM) to a Virtual Supervisor Module (VSM), which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

VMware Information Disclosure Cisco +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Cisco Authentication Bypass +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow VMware Denial Of Service +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The encryption functionality in the Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication component in Cisco NX-OS on the Nexus 1000V does not properly authenticate VSM/VEM. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Nx Os
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Nx Os
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

The Ethernet frame-forwarding implementation in Cisco NX-OS on Nexus 7000 devices allows remote attackers to cause a denial of service (forwarding loop and service outage) via a crafted frame, aka. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os +11
NVD
EPSS 4% CVSS 9.0
CRITICAL Act Now

Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco +6
NVD
EPSS 4% CVSS 9.0
CRITICAL Act Now

Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco +6
NVD
EPSS 2% CVSS 8.3
HIGH This Week

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco +27
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os +1
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Nx Os +4
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os +4
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The igmp_snoop_orib_fill_source_update function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Nexus 5000 series switches allows remote attackers to cause a denial of service (device reload) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when the High Availability (HA) policy is configured for Reset, allows remote attackers to cause a denial of service (device reset). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os +11
NVD
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy