Vulnerabilities > Cisco > Nexus 3548 X

DATE CVE VULNERABILITY TITLE RISK
2019-08-30 CVE-2019-1969 Improper Input Validation vulnerability in Cisco Nx-Os
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.
network
low complexity
cisco CWE-20
5.0
2019-08-30 CVE-2019-1968 Improper Encoding or Escaping of Output vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart.
network
low complexity
cisco CWE-116
5.0
2019-08-30 CVE-2019-1967 Resource Exhaustion vulnerability in Cisco Nx-Os
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
7.8
2019-05-16 CVE-2019-1768 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection.
local
low complexity
cisco CWE-78
7.2
2019-05-15 CVE-2019-1782 Argument Injection or Modification vulnerability in Cisco Fx-Os and Nx-Os
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device.
local
low complexity
cisco CWE-88
7.2
2019-05-15 CVE-2019-1781 Argument Injection or Modification vulnerability in Cisco Fx-Os and Nx-Os
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device.
local
low complexity
cisco CWE-88
7.2
2019-05-15 CVE-2019-1767 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection.
local
low complexity
cisco CWE-78
7.2
2019-05-15 CVE-2019-1735 Argument Injection or Modification vulnerability in Cisco Nx-Os
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device.
local
low complexity
cisco CWE-88
7.2
2019-05-15 CVE-2019-1731 Information Exposure vulnerability in Cisco Nx-Os
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device.
local
low complexity
cisco CWE-200
2.1
2019-05-15 CVE-2019-1730 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell.
local
low complexity
cisco CWE-264
7.2