Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3394 | 1 Cisco | 65 Nexus 3016, Nexus 3048, Nexus 3064 and 62 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default. | |||||
| CVE-2020-3454 | 1 Cisco | 83 Mds 9000, Mds 9100, Mds 9134 and 80 more | 2023-12-10 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS. | |||||
| CVE-2020-3338 | 1 Cisco | 67 Nexus 3016, Nexus 3048, Nexus 3064 and 64 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device. | |||||
| CVE-2020-3504 | 1 Cisco | 108 Firepower 1010, Firepower 1120, Firepower 1140 and 105 more | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI. | |||||
| CVE-2020-3517 | 1 Cisco | 98 Firepower 4110, Firepower 4112, Firepower 4115 and 95 more | 2023-12-10 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition. | |||||
| CVE-2020-3398 | 1 Cisco | 67 Nexus 3016, Nexus 3048, Nexus 3064 and 64 more | 2023-12-10 | 4.3 MEDIUM | 8.6 HIGH |
| A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system. | |||||
| CVE-2019-12662 | 1 Cisco | 135 Ios Xe, Mds 9000, Nexus 3016 and 132 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image. | |||||
| CVE-2019-1734 | 1 Cisco | 94 Firepower 4110, Firepower 4112, Firepower 4115 and 91 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability. | |||||
| CVE-2020-3165 | 1 Cisco | 65 Nexus 3016, Nexus 3048, Nexus 3064 and 62 more | 2023-12-10 | 4.3 MEDIUM | 8.2 HIGH |
| A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network. | |||||
| CVE-2020-3119 | 1 Cisco | 83 Nexus 3016, Nexus 3048, Nexus 3064 and 80 more | 2023-12-10 | 8.3 HIGH | 8.8 HIGH |
| A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). | |||||
| CVE-2020-3174 | 1 Cisco | 80 Mds 9132t, Mds 9148s, Mds 9148t and 77 more | 2023-12-10 | 3.3 LOW | 4.7 MEDIUM |
| A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions. | |||||
| CVE-2019-12717 | 1 Cisco | 88 Nexus 3016, Nexus 3048, Nexus 3064 and 85 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability. | |||||
| CVE-2020-3120 | 1 Cisco | 144 Asr 9000v, Asr 9001, Asr 9006 and 141 more | 2023-12-10 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). | |||||
| CVE-2019-1690 | 1 Cisco | 100 Application Policy Infrastructure Controller, Firepower 2110, Firepower 2120 and 97 more | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
| A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected. | |||||
| CVE-2019-1780 | 1 Cisco | 92 Firepower 4110, Firepower 4115, Firepower 4120 and 89 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected. | |||||
| CVE-2019-1967 | 1 Cisco | 92 Mds 9000, Mds 9100, Mds 9140 and 89 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default. | |||||
| CVE-2019-1731 | 1 Cisco | 76 Nexus 3016, Nexus 3048, Nexus 3064 and 73 more | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
| A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally. | |||||
| CVE-2019-1968 | 1 Cisco | 92 Mds 9000, Mds 9100, Mds 9140 and 89 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default. | |||||
| CVE-2019-1969 | 1 Cisco | 65 Nexus 3016, Nexus 3048, Nexus 3064 and 62 more | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name. | |||||
| CVE-2019-1735 | 1 Cisco | 82 Mds 9000, Mds 9100, Mds 9200 and 79 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability. | |||||