Vulnerabilities > Cisco > Nexus 9000
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-15 | CVE-2019-1731 | Information Exposure vulnerability in Cisco Nx-Os A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. | 2.1 |
| 2019-05-15 | CVE-2019-1730 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. | 7.2 |
| 2019-05-15 | CVE-2019-1729 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. | 6.6 |
| 2019-05-15 | CVE-2019-1728 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. | 7.2 |
| 2019-05-15 | CVE-2019-1727 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. | 7.2 |
| 2019-05-15 | CVE-2019-1726 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. | 4.6 |
| 2019-05-03 | CVE-2019-1592 | Improper Input Validation vulnerability in Cisco Nx-Os 14.1(0.90) A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. | 7.2 |
| 2019-05-03 | CVE-2019-1589 | Information Exposure vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. | 2.1 |
| 2019-05-03 | CVE-2019-1587 | Resource Management Errors vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. | 4.0 |
| 2019-03-11 | CVE-2019-1618 | Permission Issues vulnerability in Cisco Nx-Os 7.0(3)I4(9)/7.0(3)I7/7.0(3)I7(2) A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. | 7.2 |