Vulnerabilities > Cisco > NX OS > 3.1.3a.a

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-44487 Resource Exhaustion vulnerability in multiple products
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
7.5
2023-02-23 CVE-2023-20050 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device.
local
low complexity
cisco CWE-78
7.8
2021-09-23 CVE-2021-34714 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload.
low complexity
cisco CWE-20
7.4
2020-08-27 CVE-2020-3517 NULL Pointer Dereference vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-476
8.6
2020-02-26 CVE-2020-3170 Improper Input Validation vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart.
network
cisco CWE-20
4.3
2020-02-05 CVE-2020-3120 Integer Overflow or Wraparound vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
low complexity
cisco CWE-190
6.5
2020-02-05 CVE-2020-3119 Out-of-bounds Write vulnerability in Cisco Nx-Os
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device.
low complexity
cisco CWE-787
8.3
2019-11-05 CVE-2019-1734 Unspecified vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted.
local
low complexity
cisco
5.5
2019-08-30 CVE-2019-1966 Unspecified vulnerability in Cisco Nx-Os and Unified Computing System
A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device.
local
low complexity
cisco
7.2
2019-08-28 CVE-2019-1965 Missing Release of Resource after Effective Lifetime vulnerability in Cisco Nx-Os
A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination.
network
low complexity
cisco CWE-772
4.0