Vulnerabilities > Cisco > Nexus 9396Px
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-19 | CVE-2015-4277 | Resource Management Errors vulnerability in Cisco Nx-Os 5.1.3/5.3.0 The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842. | 4.9 |
| 2015-08-19 | CVE-2015-4324 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os 4.1(2)E1(1C)/7.2(0)N1(0.1)/7.3(0)Zn(0.81) Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908. | 6.1 |
| 2015-07-03 | CVE-2015-4237 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436. | 4.6 |
| 2015-07-03 | CVE-2015-4232 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 6.2(10) Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856. | 4.6 |
| 2015-06-27 | CVE-2015-4225 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 1.0(1.110A)/1.0(1E) Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485. | 4.0 |
| 2015-06-24 | CVE-2015-4213 | Information Exposure vulnerability in Cisco Nx-Os 1.1(1G) Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391. | 4.0 |
| 2015-06-12 | CVE-2015-0775 | Resource Management Errors vulnerability in Cisco MDS 9000 Nx-Os, Nexus 1000V and Nx-Os The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182. | 5.0 |
| 2015-03-28 | CVE-2015-0658 | Improper Input Validation vulnerability in Cisco Nx-Os The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. | 7.9 |