Vulnerabilities > Cisco > NX OS > 2.4.1.122
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-21 | CVE-2018-0306 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. | 7.2 |
| 2018-06-20 | CVE-2018-0330 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. | 6.5 |
| 2018-06-20 | CVE-2018-0307 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. | 7.2 |
| 2018-06-20 | CVE-2018-0301 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. | 10.0 |
| 2018-06-20 | CVE-2018-0295 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. | 7.8 |
| 2018-06-20 | CVE-2018-0292 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. | 8.3 |
| 2018-06-20 | CVE-2018-0291 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. | 6.8 |
| 2017-10-19 | CVE-2017-3883 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System, Fxos and Nx-Os A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |
| 2016-10-06 | CVE-2016-1454 | Improper Input Validation vulnerability in Cisco Nx-Os Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417. | 7.1 |
| 2014-08-19 | CVE-2014-3341 | Information Exposure vulnerability in Cisco products The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616. | 5.0 |