Vulnerabilities > Cisco > Nexus 9508 > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-06-21 CVE-2018-0313 Injection vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit.
network
low complexity
cisco CWE-74
critical
9.0
2018-06-20 CVE-2018-0293 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user.
network
low complexity
cisco CWE-78
critical
9.0
2018-06-20 CVE-2018-0301 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow.
network
low complexity
cisco CWE-119
critical
10.0
2016-10-06 CVE-2015-0721 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.
network
low complexity
cisco CWE-264
critical
9.0
2016-02-07 CVE-2016-1302 Improper Access Control vulnerability in Cisco products
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
network
low complexity
cisco CWE-284
critical
9.0