Vulnerabilities > Cisco > Nexus 9508 > Medium

DATE CVE VULNERABILITY TITLE RISK
2015-07-03 CVE-2015-4237 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
local
low complexity
cisco CWE-264
4.6
2015-07-03 CVE-2015-4232 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 6.2(10)
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
local
low complexity
cisco CWE-264
4.6
2015-06-27 CVE-2015-4225 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 1.0(1.110A)/1.0(1E)
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
network
low complexity
cisco CWE-264
4.0
2015-06-24 CVE-2015-4213 Information Exposure vulnerability in Cisco Nx-Os 1.1(1G)
Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.
network
low complexity
cisco CWE-200
4.0
2015-06-12 CVE-2015-0775 Resource Management Errors vulnerability in Cisco MDS 9000 Nx-Os, Nexus 1000V and Nx-Os
The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.
network
low complexity
cisco CWE-399
5.0