Cisco NX-OS vulnerabilities

CVE-2017-12330 [MEDIUM] CWE-77 CVE-2017-12330: A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attack A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI comman

CVE-2017-12335 [MEDIUM] CWE-77 CVE-2017-12335: A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attack A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command and gain unautho

CVE-2017-12341 [MEDIUM] CWE-77 CVE-2017-12341: A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attack A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the installation of a software patch. An attacker could exploit t

CVE-2017-12342 [MEDIUM] CWE-264 CVE-2017-12342: A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could exploit this vulnerability by crafting specific packet

CVE-2017-12332 [MEDIUM] CWE-434 CVE-2017-12332: A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, loca A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installing a crafted patch image on an affected device. The vul

CVE-2017-12339 [MEDIUM] CWE-77 CVE-2017-12339: A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attack A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI comman

CVE-2017-12351 [MEDIUM] CWE-264 CVE-2017-12351: A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticat A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due to insufficient internal security measures in the guest

CVE-2017-12334 [MEDIUM] CWE-20 CVE-2017-12334: A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attack A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by in

CVE-2017-12333 [MEDIUM] CWE-347 CVE-2017-12333: A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypas A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit this vulnerability to bypass signature verification and l

CVE-2017-12340 [MEDIUM] CWE-284 CVE-2017-12340: A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Ci A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating system, even if the Bash shell is disabled on the system. The vulnerability is

CVE-2017-3883 [HIGH] CWE-770 CVE-2017-3883: A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco F A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving kee

CVE-2017-12301 [MEDIUM] CWE-20 CVE-2017-12301: A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticat A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient sanitization of user-supplied parameters that are passed to certain Python functi

CVE-2011-4667 [MEDIUM] CWE-310 CVE-2011-4667: The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 12.2(33)SXI, and 12.2(33)SXJ when IP

CVE-2017-6770 [MEDIUM] CWE-20 CVE-2017-6770: Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to t

CVE-2017-6655 [MEDIUM] CWE-119 CVE-2017-6655: A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Sof A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. This vulnerability affects Cisco NX-OS Software on the following Cisco devices when they are configur

CVE-2017-6650 [HIGH] CWE-20 CVE-2017-6650: A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted

CVE-2017-6649 [HIGH] CWE-20 CVE-2017-6649: A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Ser A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command argum

CVE-2017-3879 [MEDIUM] CWE-119 CVE-2017-3879: A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. The attacker c

CVE-2017-3878 [MEDIUM] CWE-119 CVE-2017-3878: A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software r A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. A

CVE-2017-3875 [MEDIUM] CWE-20 CVE-2017-3875: An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mech An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. More Information: CSCtz59354. Known Affected Releases: 5.2(4) 6.1(