Vulnerabilities > Cisco > Nexus 9272Q

DATE CVE VULNERABILITY TITLE RISK
2019-08-30 CVE-2019-1969 Improper Input Validation vulnerability in Cisco Nx-Os
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.
network
low complexity
cisco CWE-20
5.0
2019-08-30 CVE-2019-1968 Improper Encoding or Escaping of Output vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart.
network
low complexity
cisco CWE-116
5.0
2019-08-30 CVE-2019-1967 Resource Exhaustion vulnerability in Cisco Nx-Os
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
7.8
2019-05-16 CVE-2019-1768 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection.
local
low complexity
cisco CWE-78
7.2
2019-05-15 CVE-2019-1782 Argument Injection or Modification vulnerability in Cisco Fx-Os and Nx-Os
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device.
local
low complexity
cisco CWE-88
7.2
2019-05-15 CVE-2019-1781 Argument Injection or Modification vulnerability in Cisco Fx-Os and Nx-Os
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device.
local
low complexity
cisco CWE-88
7.2
2019-05-15 CVE-2019-1767 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection.
local
low complexity
cisco CWE-78
7.2
2019-05-15 CVE-2019-1735 Argument Injection or Modification vulnerability in Cisco Nx-Os
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device.
local
low complexity
cisco CWE-88
7.2
2019-05-03 CVE-2019-1592 Improper Input Validation vulnerability in Cisco Nx-Os 14.1(0.90)
A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device.
local
low complexity
cisco CWE-20
7.2
2019-05-03 CVE-2019-1589 Information Exposure vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39)
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device.
local
low complexity
cisco CWE-200
2.1