Cisco NX-OS vulnerabilities
239 known vulnerabilities affecting cisco/nx-os.
Total CVEs
239
CISA KEV
2
actively exploited
Public exploits
1
Exploited in wild
3
Severity breakdown
CRITICAL8HIGH104MEDIUM125LOW2
Vulnerabilities
Page 5 of 12
CVE-2019-1783MEDIUMCVSS 6.7fixed in 7.3\(4\)n1\(1\)≥ 7.2, < 7.3\(3\)d1\(1\)+1 more2019-05-15
CVE-2019-1783 [MEDIUM] CWE-77 CVE-2019-1783: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device.
nvd
CVE-2019-1790MEDIUMCVSS 6.7≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.1\(1b\)+10 more2019-05-15
CVE-2019-1790 [MEDIUM] CWE-77 CVE-2019-1790: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulne
nvd
CVE-2019-1733MEDIUMCVSS 5.4≥ 7.0\(3\)i7, < 7.0\(3\)i7\(4\)2019-05-15
CVE-2019-1733 [MEDIUM] CWE-79 CVE-2019-1733: A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an aut
A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the NX-API Sandbox interface. A
nvd
CVE-2019-1782MEDIUMCVSS 6.7fixed in 4.0\(1a\)≥ 5.2, < 6.2\(25\)+11 more2019-05-15
CVE-2019-1782 [MEDIUM] CWE-77 CVE-2019-1782: A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authentica
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by
nvd
CVE-2019-1775MEDIUMCVSS 6.7≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.1\(1b\)+10 more2019-05-15
CVE-2019-1775 [MEDIUM] CWE-78 CVE-2019-1775: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to e
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious inpu
nvd
CVE-2019-1781MEDIUMCVSS 6.7≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.3\(2\)+11 more2019-05-15
CVE-2019-1781 [MEDIUM] CWE-77 CVE-2019-1781: A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authentica
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by
nvd
CVE-2019-1732MEDIUMCVSS 6.4≥ 7.0\(3\)i4, < 7.0\(3\)i7\(4\)2019-05-15
CVE-2019-1732 [MEDIUM] CWE-78 CVE-2019-1732: A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an
A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injection. The vulnerability is due to the lack of a proper l
nvd
CVE-2019-1791MEDIUMCVSS 6.7≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.2\(3\)+10 more2019-05-15
CVE-2019-1791 [MEDIUM] CWE-77 CVE-2019-1791: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could
nvd
CVE-2019-1729MEDIUMCVSS 6.0fixed in 7.0\(3\)i4\(9\)≥ 7.0\(3\)i7, < 7.0\(3\)i7\(4\)+1 more2019-05-15
CVE-2019-1729 [MEDIUM] CWE-20 CVE-2019-1729: A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco
A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root privilege level. The vulnerability occurs because there is no
nvd
CVE-2019-1774MEDIUMCVSS 6.7≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.1\(1b\)+10 more2019-05-15
CVE-2019-1774 [MEDIUM] CWE-78 CVE-2019-1774: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to e
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious inpu
nvd
CVE-2019-1809MEDIUMCVSS 6.7≥ 7.3, < 8.1\(1a\)≥ 8.2, < 8.3\(1\)+3 more2019-05-15
CVE-2019-1809 [MEDIUM] CWE-347 CVE-2019-1809: A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an a
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulne
nvd
CVE-2019-1727MEDIUMCVSS 6.7≥ 5.2, < 8.1\(1b\)≥ 8.2, < 8.3\(1\)+5 more2019-05-15
CVE-2019-1727 [MEDIUM] CWE-264 CVE-2019-1727: A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticat
A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. The vulnerability is due to insufficient sanitization of user-supplied parameters that are passed to certain Python functions in the s
nvd
CVE-2019-1811MEDIUMCVSS 6.7≥ 6.0\(2\), < 7.0\(3\)i7\(5\)≥ 9.2, < 9.2\(2\)+2 more2019-05-15
CVE-2019-1811 [MEDIUM] CWE-347 CVE-2019-1811: A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an a
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attack
nvd
CVE-2019-1769MEDIUMCVSS 6.7fixed in 7.0\(3\)i7\(6\)≥ 7.0\(3\), < 7.0\(3\)f3\(5\)2019-05-15
CVE-2019-1769 [MEDIUM] CWE-78 CVE-2019-1769: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command
nvd
CVE-2019-1779MEDIUMCVSS 6.7≥ 5.2, < 6.2\(25\)≥ 7.3, < 8.1\(1b\)+8 more2019-05-15
CVE-2019-1779 [MEDIUM] CWE-77 CVE-2019-1779: A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authentica
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploi
nvd
CVE-2019-1649MEDIUMCVSS 6.7fixed in 8.4.1fixed in 9.3\(2\)2019-05-13
CVE-2019-1649 [MEDIUM] CWE-284 CVE-2019-1649: A vulnerability in the logic that handles access control to one of the hardware components in Cisco'
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vuln
nvd
CVE-2019-1836HIGHCVSS 7.1v14.0\(3d\)2019-05-03
CVE-2019-1836 [HIGH] CWE-22 CVE-2019-1836: A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centr
A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to overwrite system files. These system files may be sensitive and should not be overwritable by non-root users. The attacker would need valid device credential
nvd
CVE-2019-1590HIGHCVSS 8.1v8.3\(0\)sk\(0.39\)v14.1\(0.90\)2019-05-03
CVE-2019-1590 [HIGH] CWE-295 CVE-2019-1590: A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The vulnerability is due to insufficient TLS client certifi
nvd
CVE-2019-1592HIGHCVSS 7.8v14.1\(0.90\)2019-05-03
CVE-2019-1592 [HIGH] CWE-264 CVE-2019-1592: A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Ce
A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. An at
nvd
CVE-2019-1589MEDIUMCVSS 4.6v8.3\(0\)sk\(0.39\)2019-05-03
CVE-2019-1589 [MEDIUM] CWE-200 CVE-2019-1589: A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection
nvd