Vulnerabilities > Cisco > NX OS > 6.2.8a

DATE CVE VULNERABILITY TITLE RISK
2016-10-06 CVE-2015-6392 Resource Management Errors vulnerability in Cisco Nx-Os
Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.
network
low complexity
cisco CWE-399
7.8
7.8
2016-05-29 CVE-2016-1409 Improper Input Validation vulnerability in Cisco IOS
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.
network
low complexity
cisco CWE-20
5.0
5.0
2016-03-26 CVE-2016-1351 Resource Management Errors vulnerability in Cisco IOS and Nx-Os
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.
network
low complexity
cisco CWE-399
7.5
7.5
2015-07-03 CVE-2015-4231 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 6.2(8A)
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.
local
low complexity
cisco CWE-264
3.6
3.6
2015-03-28 CVE-2015-0658 Improper Input Validation vulnerability in Cisco Nx-Os
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. 		7.9
7.9
2014-08-19 CVE-2014-3341 Information Exposure vulnerability in Cisco products
The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.
network
low complexity
cisco CWE-200
5.0
5.0