Vulnerabilities > Cisco > NX OS > 7.0.0.hsk.0.357

DATE CVE VULNERABILITY TITLE RISK
2018-06-21 CVE-2018-0313 Injection vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit.
network
low complexity
cisco CWE-74
8.8
2018-06-21 CVE-2018-0311 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-119
7.5
2018-06-21 CVE-2018-0310 Out-of-bounds Read vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product.
network
low complexity
cisco CWE-125
critical
9.8
2018-06-21 CVE-2018-0306 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device.
local
low complexity
cisco CWE-78
7.8
2018-06-21 CVE-2018-0303 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device.
low complexity
cisco CWE-119
8.8
2018-06-20 CVE-2018-0330 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges.
network
low complexity
cisco CWE-78
8.8
2018-06-20 CVE-2018-0307 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device.
local
low complexity
cisco CWE-78
7.8
2018-06-20 CVE-2018-0301 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow.
network
low complexity
cisco CWE-119
critical
9.8
2018-06-20 CVE-2018-0295 Improper Input Validation vulnerability in Cisco Nx-Os
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading.
network
low complexity
cisco CWE-20
7.5
2018-06-20 CVE-2018-0293 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user.
network
low complexity
cisco CWE-78
8.8