Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Nx-os
Total 250 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4237 1 Cisco 38 Mds 9100, Mds 9140, Mds 9500 and 35 more 2016-12-28 4.6 MEDIUM N/A
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
CVE-2015-4234 1 Cisco 1 Nx-os 2016-12-28 7.2 HIGH N/A
Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.
CVE-2015-4301 1 Cisco 7 Nexus 93120tx, Nexus 93128tx, Nexus 9332pq and 4 more 2016-12-28 6.8 MEDIUM N/A
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.
CVE-2016-1341 1 Cisco 1 Nx-os 2016-12-06 6.9 MEDIUM 9.8 CRITICAL
Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCur22079.
CVE-2016-1302 1 Cisco 19 Application Policy Infrastructure Controller, Nexus 92160yc-x, Nexus 92304qc and 16 more 2016-12-06 9.0 HIGH 8.8 HIGH
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
CVE-2015-6398 1 Cisco 1 Nx-os 2016-12-06 7.8 HIGH 7.5 HIGH
Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c) allow remote attackers to cause a denial of service (device reload) via an IPv4 ICMP packet with the IP Record Route option, aka Bug ID CSCuq57512.
CVE-2016-1329 1 Cisco 8 Nexus 3048, Nexus 3064, Nexus 3064t and 5 more 2016-12-03 10.0 HIGH 9.8 CRITICAL
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.
CVE-2016-1351 1 Cisco 2 Ios, Nx-os 2016-12-03 7.8 HIGH 7.5 HIGH
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.
CVE-2015-6260 1 Cisco 10 Nexus 5548p, Nexus 5548up, Nexus 5596t and 7 more 2016-12-03 7.8 HIGH 7.5 HIGH
Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.
CVE-2015-0718 1 Cisco 3 Nx-os, Nx-os 1000v Switch, Unified Computing System 2016-12-03 7.8 HIGH 7.5 HIGH
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.
CVE-2012-4077 1 Cisco 1 Nx-os 2016-09-23 6.8 MEDIUM N/A
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651.
CVE-2012-4141 1 Cisco 1 Nx-os 2016-09-22 6.2 MEDIUM N/A
Directory traversal vulnerability in the CLI parser in Cisco NX-OS allows local users to create arbitrary script files via a relative pathname in the "file name" parameter, aka Bug IDs CSCua71557 and CSCua71551.
CVE-2012-4099 1 Cisco 1 Nx-os 2016-09-22 4.3 MEDIUM N/A
The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065.
CVE-2012-4097 1 Cisco 1 Nx-os 2016-09-22 4.3 MEDIUM N/A
The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn13043.
CVE-2014-3295 1 Cisco 1 Nx-os 2016-09-08 4.8 MEDIUM N/A
The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309.
CVE-2014-8013 1 Cisco 1 Nx-os 2015-11-04 4.9 MEDIUM N/A
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182.
CVE-2015-0658 1 Cisco 35 Nexus 3016, Nexus 3048, Nexus 3064 and 32 more 2015-10-22 7.9 HIGH N/A
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.
CVE-2013-6975 1 Cisco 1 Nx-os 2015-10-13 4.6 MEDIUM N/A
Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.
CVE-2015-0686 1 Cisco 8 Nexus 9000, Nexus 93120tx, Nexus 93128tx and 5 more 2015-09-29 6.3 MEDIUM N/A
The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.
CVE-2014-2201 1 Cisco 7 Mds 9000, Mds 9100, Nexus 7000 and 4 more 2014-05-27 7.8 HIGH N/A
The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915.