Cisco NX-OS vulnerabilities

239 known vulnerabilities affecting cisco/nx-os.

Total CVEs

239

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH104MEDIUM125LOW2

Vulnerabilities

Page 11 of 12

CVE-2015-4324MEDIUMCVSS 6.1v7.3\(0\)zn\(0.81\)v4.1\(2\)e1\(1c\)+1 more2015-08-19

CVE-2015-4324 [MEDIUM] CWE-119 CVE-2015-4324: Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled

nvd

CVE-2015-4301MEDIUMCVSS 6.8v11.1\(1c\)2015-08-19

CVE-2015-4301 [MEDIUM] CWE-399 CVE-2015-4301: Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of se Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.

nvd

CVE-2015-4277MEDIUMCVSS 4.9v5.1.3v5.3.02015-08-19

CVE-2015-4277 [MEDIUM] CWE-399 CVE-2015-4277: The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 impr The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.

nvd

CVE-2015-4235CRITICALCVSS 9.0v11.0\(1b\)v11.0\(1c\)+9 more2015-07-24

CVE-2015-4235 [CRITICAL] CWE-264 CVE-2015-4235: Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1 Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j) do not properly restrict access to the APIC filesystem, which allows remote authenticated users to obtain root privileges via unspecified use of the AP

nvd

CVE-2015-4234HIGHCVSS 7.2v6.0\(2\)v6.2\(2\)2015-07-03

CVE-2015-4234 [HIGH] CWE-264 CVE-2015-4234: Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.

nvd

CVE-2015-4237MEDIUMCVSS 4.6v7.2\(0\)zz\(99.3\)v7.2\(0\)zz\(99.1\)+4 more2015-07-03

CVE-2015-4237 [MEDIUM] CWE-78 CVE-2015-4237: The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9. The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.

nvd

CVE-2015-4232MEDIUMCVSS 4.6v6.2\(10\)2015-07-03

CVE-2015-4232 [MEDIUM] CWE-264 CVE-2015-4232: Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS command Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.

nvd

CVE-2015-4231LOWCVSS 3.6v6.2\(8a\)2015-07-03

CVE-2015-4231 [LOW] CWE-264 CVE-2015-4231: The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass int The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.

nvd

CVE-2015-4225MEDIUMCVSS 4.0v1.0\(1.110a\)v1.0\(1e\)2015-06-27

CVE-2015-4225 [MEDIUM] CWE-264 CVE-2015-4225: Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devi Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.

nvd

CVE-2015-4213MEDIUMCVSS 4.0v1.1\(1g\)2015-06-24

CVE-2015-4213 [MEDIUM] CWE-200 CVE-2015-4213: Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext pa Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.

nvd

CVE-2015-4197MEDIUMCVSS 6.1v5.2\(5\)2015-06-20

CVE-2015-4197 [MEDIUM] CWE-20 CVE-2015-4197: Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (devic Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415.

nvd

CVE-2015-0775MEDIUMCVSS 5.0v4.1\(2\)e1\(1f\)v7.2\(0\)zn\(99.67\)+2 more2015-06-12

CVE-2015-0775 [MEDIUM] CWE-399 CVE-2015-0775: The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2. The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login

nvd

CVE-2015-0686MEDIUMCVSS 6.3v6.1\(2\)i2\(3\)2015-04-03

CVE-2015-0686 [MEDIUM] CWE-399 CVE-2015-0686: The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availabi The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.

nvd

CVE-2015-0658HIGHCVSS 7.9v6.1\(2\)v6.1\(3\)+66 more2015-03-28

CVE-2015-0658 [HIGH] CWE-20 CVE-2015-0658: The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not prop The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.

nvd

CVE-2014-3341MEDIUMCVSS 5.0≤ 7.0\(3\)n1\(1\)v5.0\(2\)n1\(1\)+36 more2014-08-19

CVE-2014-3341 [MEDIUM] CWE-200 CVE-2014-3341: The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides diffe The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.

nvd

CVE-2014-3330MEDIUMCVSS 5.0v6.1\(2\)i2\(1\)2014-08-11

CVE-2014-3330 [MEDIUM] CWE-264 CVE-2014-3330: Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks f Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489.

nvd

CVE-2014-3295MEDIUMCVSS 4.8≤ 6.2\(2a\)v4.1.\(2\)+32 more2014-06-14

CVE-2014-3295 [MEDIUM] CWE-287 CVE-2014-3295: The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authent The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.

nvd

CVE-2014-3261HIGHCVSS 7.6v5.2v5.2\(1\)+45 more2014-05-26

CVE-2014-3261 [HIGH] CWE-119 CVE-2014-3261: Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisc Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and

nvd

CVE-2014-2201HIGHCVSS 7.8v6.0\(1\)≤ 6.2\(5a\)+5 more2014-05-26

CVE-2014-2201 [HIGH] CVE-2014-2201: The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6 The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915.

nvd

CVE-2013-1191HIGHCVSS 7.1v6.1v6.1\(1\)+4 more2014-05-26

CVE-2013-1191 [HIGH] CWE-264 CVE-2013-1191: Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.

nvd

← Previous11 / 12Next →