Total
274 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4090 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2025-04-11 | 4.0 MEDIUM | N/A |
| The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID CSCti09089. | |||||
| CVE-2013-5566 | 1 Cisco | 2 Mds 9000, Nx-os | 2025-04-11 | 5.0 MEDIUM | N/A |
| Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug ID CSCte27874. | |||||
| CVE-2013-0149 | 1 Cisco | 7 Asa 5500, Fwsm, Ios and 4 more | 2025-04-11 | 5.8 MEDIUM | N/A |
| The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795. | |||||
| CVE-2013-1209 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2025-04-11 | 5.0 MEDIUM | N/A |
| The encryption functionality in the Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication component in Cisco NX-OS on the Nexus 1000V does not properly authenticate VSM/VEM packets, which allows remote attackers to disable packet-level encryption and integrity protection via crafted packets, aka Bug ID CSCud14710. | |||||
| CVE-2012-6396 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
| Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a crafted configuration that references interfaces that do not exist on the new card, aka Bug ID CSCud44300. | |||||
| CVE-2012-3051 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2025-04-11 | 6.1 MEDIUM | N/A |
| Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822. | |||||
| CVE-2011-2581 | 1 Cisco | 3 Nexus 3000, Nexus 5000, Nx-os | 2025-04-11 | 5.0 MEDIUM | N/A |
| The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490. | |||||
| CVE-2012-4122 | 1 Cisco | 1 Nx-os | 2025-04-11 | 6.2 MEDIUM | N/A |
| The CLI parser in Cisco NX-OS allows local users to bypass intended access restrictions, and overwrite or create arbitrary files, via shell output redirection, aka Bug IDs CSCts56672 and CSCts56669. | |||||
| CVE-2013-1210 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2025-04-11 | 5.4 MEDIUM | N/A |
| Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of service (ESXi crash and purple screen of death) by sending crafted STUN packets to a VEM, aka Bug ID CSCud14825. | |||||
| CVE-2013-1122 | 1 Cisco | 2 Nexus 7000, Nx-os | 2025-04-11 | 5.0 MEDIUM | N/A |
| Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted packets, aka Bug ID CSCud15673. | |||||
| CVE-2012-4075 | 1 Cisco | 1 Nx-os | 2025-04-11 | 7.2 HIGH | N/A |
| Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788. | |||||
| CVE-2013-1180 | 1 Cisco | 6 Mds 9000, Nexus 7000, Nexus 7000 10-slot and 3 more | 2025-04-11 | 9.0 HIGH | N/A |
| Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822. | |||||
| CVE-2013-1179 | 1 Cisco | 6 Mds 9000, Nexus 7000, Nexus 7000 10-slot and 3 more | 2025-04-11 | 9.0 HIGH | N/A |
| Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830. | |||||
| CVE-2013-1208 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2025-04-11 | 5.8 MEDIUM | N/A |
| The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID CSCud14691. | |||||
| CVE-2013-1212 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2025-04-11 | 5.8 MEDIUM | N/A |
| The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module (VSM) to VMware vCenter communication, via a crafted certificate, aka Bug ID CSCud14837. | |||||
| CVE-2012-4141 | 1 Cisco | 1 Nx-os | 2025-04-11 | 6.2 MEDIUM | N/A |
| Directory traversal vulnerability in the CLI parser in Cisco NX-OS allows local users to create arbitrary script files via a relative pathname in the "file name" parameter, aka Bug IDs CSCua71557 and CSCua71551. | |||||
| CVE-2012-2469 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when the High Availability (HA) policy is configured for Reset, allows remote attackers to cause a denial of service (device reset) via a malformed Cisco Discovery Protocol (CDP) packet, aka Bug IDs CSCtk34535 and CSCtk19132. | |||||
| CVE-2012-4091 | 1 Cisco | 1 Nx-os | 2025-04-11 | 5.0 MEDIUM | N/A |
| The RIP service engine in Cisco NX-OS allows remote attackers to cause a denial of service (engine restart) via a malformed (1) RIPv4 or (2) RIPv6 message, aka Bug ID CSCtj73415. | |||||
| CVE-2013-1178 | 1 Cisco | 27 Cg-os, Connected Grid Router 1000, Mds 9000 and 24 more | 2025-04-11 | 8.3 HIGH | N/A |
| Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275. | |||||
| CVE-2013-1181 | 1 Cisco | 12 Nexus 3016q, Nexus 3048, Nexus 3064t and 9 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389. | |||||