Vulnerabilities > Cisco > NX OS > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-20 | CVE-2018-0291 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. | 6.8 |
| 2017-10-19 | CVE-2017-3883 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System, Fxos and Nx-Os A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |
| 2016-10-06 | CVE-2016-1454 | Improper Input Validation vulnerability in Cisco Nx-Os Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417. | 7.1 |
| 2014-08-19 | CVE-2014-3341 | Information Exposure vulnerability in Cisco products The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616. | 5.0 |
| 2014-06-14 | CVE-2014-3295 | Improper Authentication vulnerability in Cisco Nx-Os The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309. | 4.8 |
| 2014-05-26 | CVE-2014-2201 | Unspecified vulnerability in Cisco products The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915. | 7.8 |
| 2014-05-20 | CVE-2013-6975 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217. | 4.6 |
| 2014-01-08 | CVE-2013-6982 | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174. | 4.3 |
| 2013-12-21 | CVE-2012-4135 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275. | 4.6 |
| 2013-11-08 | CVE-2013-5566 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Nx-Os Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug ID CSCte27874. | 5.0 |