Vulnerabilities > Cisco > MDS 9100
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-30 | CVE-2019-1968 | Improper Encoding or Escaping of Output vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. | 5.0 |
| 2019-08-30 | CVE-2019-1967 | Resource Exhaustion vulnerability in Cisco Nx-Os A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
| 2019-05-15 | CVE-2019-1735 | Argument Injection or Modification vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. | 7.2 |
| 2019-05-15 | CVE-2019-1728 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. | 7.2 |
| 2019-05-15 | CVE-2019-1727 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. | 7.2 |
| 2019-05-15 | CVE-2019-1726 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. | 4.6 |
| 2019-03-11 | CVE-2019-1690 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. low complexity cisco | 3.3 |
| 2018-06-20 | CVE-2018-0293 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. | 9.0 |
| 2015-07-03 | CVE-2015-4237 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436. | 4.6 |
| 2015-07-03 | CVE-2015-4232 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 6.2(10) Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856. | 4.6 |