Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:cisco:nx-os:9.3\(6\):*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-20399 |
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root. Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges: Nexus 3000 Series Switches Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later Nexus 9000 Series Switches in standalone NX-OS mode Published: July 01, 2024; 1:15:04 PM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2024-20321 |
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network. Published: February 28, 2024; 8:43:59 PM -0500 |
V4.0:(not available) V3.1: 8.6 HIGH V2.0:(not available) |
CVE-2024-20267 |
A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to lack of proper error checking when processing an ingress MPLS frame. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that is encapsulated within an MPLS frame to an MPLS-enabled interface of the targeted device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition. Note: The IPv6 packet can be generated multiple hops away from the targeted device and then encapsulated within MPLS. The DoS condition may occur when the NX-OS device processes the packet. Published: February 28, 2024; 8:43:58 PM -0500 |
V4.0:(not available) V3.1: 8.6 HIGH V2.0:(not available) |
CVE-2023-44487 |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. Published: October 10, 2023; 10:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-20115 |
A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user. There are workarounds that address this vulnerability. Published: August 23, 2023; 3:15:07 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-20050 |
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user. Published: February 23, 2023; 3:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-20623 |
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is due to a logic error in the BFD rate limiter functionality. An attacker could exploit this vulnerability by sending a crafted stream of traffic through the device. A successful exploit could allow the attacker to cause BFD traffic to be dropped, resulting in BFD session flaps. BFD session flaps can cause route instability and dropped traffic, resulting in a denial of service (DoS) condition. This vulnerability applies to both IPv4 and IPv6 traffic. Published: February 23, 2022; 1:15:18 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.1 HIGH |
CVE-2021-1361 |
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing. Published: February 24, 2021; 3:15:13 PM -0500 |
V4.0:(not available) V3.1: 9.1 CRITICAL V2.0: 9.4 HIGH |
CVE-2020-3120 |
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Published: February 05, 2020; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 6.1 MEDIUM |
CVE-2019-1963 |
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. Published: August 28, 2019; 3:15:10 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 6.8 MEDIUM |
CVE-2019-1901 |
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release. Published: July 31, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 8.3 HIGH |
CVE-2019-1858 |
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. Published: May 15, 2019; 10:29:00 PM -0400 |
V4.0:(not available) V3.1: 8.6 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-1594 |
A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN (EAPOL) frames. An attacker could exploit this vulnerability by sending a crafted EAPOL frame to an interface on the targeted device. A successful exploit could allow the attacker to cause the Layer 2 (L2) forwarding process to restart multiple times, leading to a system-level restart of the device and a DoS condition. Note: This vulnerability affects only NX-OS devices configured with 802.1X functionality. Cisco Nexus 1000V Switch for VMware vSphere devices are affected in versions prior to 5.2(1)SV3(1.4b). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.3(5)N1(1) and 7.1(5)N1(1b). Nexus 7000 and 7700 Series Switches are affected in versions prior to 8.2(3). Nexus 9000 Series Fabric Switches in ACI Mode are affected in versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(4). Published: March 06, 2019; 5:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.4 HIGH V2.0: 6.1 MEDIUM |
CVE-2019-1593 |
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to the incorrect implementation of a Bash shell command that allows role-based access control (RBAC) to be bypassed. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Bash prompt. A successful exploit could allow the attacker to escalate their privilege level by executing commands that should be restricted to other roles. For example, a dev-ops user could escalate their privilege level to admin with a successful exploit of this vulnerability. Published: March 06, 2019; 5:29:00 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-1591 |
A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied input when issuing a specific CLI command with parameters on an affected device. An attacker could exploit this vulnerability by authenticating to the device CLI and issuing certain commands. A successful exploit could allow the attacker to escape the restricted shell and execute arbitrary commands with root-level privileges on the affected device. This vulnerability only affects Cisco Nexus 9000 Series ACI Mode Switches that are running a release prior to 14.0(3d). Published: March 06, 2019; 5:29:00 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-1588 |
A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms of user-supplied input sent to an affected device. A successful exploit could allow the attacker unauthorized access to read arbitrary files on an affected device. This vulnerability has been fixed in version 14.0(1h). Published: March 06, 2019; 4:29:00 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |