Cisco NX-OS vulnerabilities
239 known vulnerabilities affecting cisco/nx-os.
Total CVEs
239
CISA KEV
2
actively exploited
Public exploits
1
Exploited in wild
3
Severity breakdown
CRITICAL8HIGH104MEDIUM125LOW2
Vulnerabilities
Page 4 of 12
CVE-2019-1964HIGHCVSS 7.5≥ 8.1, < 8.2\(3\)≥ 8.3, < 8.42019-08-28
CVE-2019-1964 [HIGH] CWE-20 CVE-2019-1964: A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticate
A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. The vulnerability is due to improper validation of IPv6 traffic sent through an affected device. An attacker could exploit this vulnerability by sending a malf
nvd
CVE-2019-1963MEDIUMCVSS 6.5≥ 5.2, < 6.2\(29\)≥ 7.3, < 8.4+17 more2019-08-28
CVE-2019-1963 [MEDIUM] CWE-20 CVE-2019-1963: A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXO
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded
nvd
CVE-2019-1901HIGHCVSS 8.8fixed in 13.2\(7f\)≥ 14.0\(1h\), ≤ 14.1\(2g\)2019-07-31
CVE-2019-1901 [HIGH] CWE-119 CVE-2019-1901: A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series App
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation
nvd
CVE-2019-1858HIGHCVSS 8.6fixed in 8.1\(1\)fixed in 7.0\(3\)i4\(8\)+11 more2019-05-16
CVE-2019-1858 [HIGH] CWE-20 CVE-2019-1858: A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXO
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when
nvd
CVE-2019-1780MEDIUMCVSS 6.7≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.1\(1b\)+11 more2019-05-16
CVE-2019-1780 [MEDIUM] CWE-77 CVE-2019-1780: A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authentica
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI com
nvd
CVE-2019-1768MEDIUMCVSS 6.7fixed in 8.3\(1\)2019-05-16
CVE-2019-1768 [MEDIUM] CWE-119 CVE-2019-1768: A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system o
nvd
CVE-2019-1726HIGHCVSS 7.8≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.3\(2\)+8 more2019-05-15
CVE-2019-1726 [HIGH] CWE-20 CVE-2019-1726: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to a
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicio
nvd
CVE-2019-1735HIGHCVSS 7.8fixed in 8.3\(1\)fixed in 7.0\(3\)i7\(6\)+11 more2019-05-15
CVE-2019-1735 [HIGH] CWE-77 CVE-2019-1735: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to e
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by in
nvd
CVE-2019-1784MEDIUMCVSS 6.7fixed in 7.3\(5\)n1\(1\)≥ 7.2, < 7.3\(3\)d1\(1\)+3 more2019-05-15
CVE-2019-1784 [MEDIUM] CWE-77 CVE-2019-1784: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to e
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this
nvd
CVE-2019-1767MEDIUMCVSS 6.7fixed in 8.3\(1\)2019-05-15
CVE-2019-1767 [MEDIUM] CWE-119 CVE-2019-1767: A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system o
nvd
CVE-2019-1778MEDIUMCVSS 6.7fixed in 7.0\(3\)i4\(9\)≥ 7.0\(3\)i7, < 7.0\(3\)i7\(4\)+1 more2019-05-15
CVE-2019-1778 [MEDIUM] CWE-78 CVE-2019-1778: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to e
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this
nvd
CVE-2019-1776MEDIUMCVSS 6.7fixed in 8.2\(2\)≥ 8.3, < 8.3\(1\)+9 more2019-05-15
CVE-2019-1776 [MEDIUM] CWE-78 CVE-2019-1776: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to e
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vu
nvd
CVE-2019-1728MEDIUMCVSS 6.7≥ 8.1, < 8.1\(1b\)≥ 8.2, < 8.3\(1\)+9 more2019-05-15
CVE-2019-1728 [MEDIUM] CWE-347 CVE-2019-1728: A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisc
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration informatio
nvd
CVE-2019-1810MEDIUMCVSS 6.7≥ 6.1\(2\)i3\(4\), < 7.0\(3\)i7\(5\)≥ 7.0\(3\)i7\(5a\), < 9.2\(2\)+4 more2019-05-15
CVE-2019-1810 [MEDIUM] CWE-347 CVE-2019-1810: A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Ne
A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not
nvd
CVE-2019-1812MEDIUMCVSS 6.7≥ 6.0\(2\), < 7.0\(3\)i7\(5\)≥ 9.2, < 9.2\(2\)+2 more2019-05-15
CVE-2019-1812 [MEDIUM] CWE-347 CVE-2019-1812: A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an a
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attack
nvd
CVE-2019-1795MEDIUMCVSS 6.7fixed in 8.2\(3\)≥ 8.3, < 8.3\(1\)+13 more2019-05-15
CVE-2019-1795 [MEDIUM] CWE-77 CVE-2019-1795: A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authentica
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An atta
nvd
CVE-2019-1731MEDIUMCVSS 4.4fixed in 7.0\(3\)i4\(9\)≥ 7.0\(3\)i7, < 7.0\(3\)i7\(4\)+4 more2019-05-15
CVE-2019-1731 [MEDIUM] CWE-200 CVE-2019-1731: A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an a
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a spe
nvd
CVE-2019-1813MEDIUMCVSS 6.7≥ 7.0\(3\)i1\(x\), < 7.0\(3\)i7\(5\)≥ 9.2, < 9.2\(2\)+2 more2019-05-15
CVE-2019-1813 [MEDIUM] CWE-347 CVE-2019-1813: A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an a
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attack
nvd
CVE-2019-1808MEDIUMCVSS 4.4≥ 7.3, < 8.1\(1a\)≥ 8.2, < 8.3\(1\)+2 more2019-05-15
CVE-2019-1808 [MEDIUM] CWE-347 CVE-2019-1808: A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an a
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulne
nvd
CVE-2019-1730MEDIUMCVSS 6.7≥ 7.0\(3\)i4, < 7.0\(3\)i4\(9\)≥ 7.0\(3\)i7, < 7.0\(3\)i7\(4\)+2 more2019-05-15
CVE-2019-1730 [MEDIUM] CWE-264 CVE-2019-1730: A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticat
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials
nvd