Vulnerabilities > Cisco > NX OS > 7.0.3.i7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-15 | CVE-2019-1731 | Improper Handling of Exceptional Conditions vulnerability in Cisco Nx-Os A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. | 4.4 |
| 2019-05-15 | CVE-2019-1730 | Unspecified vulnerability in Cisco Nx-Os A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. | 6.7 |
| 2019-05-15 | CVE-2019-1729 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. | 6.0 |
| 2019-05-15 | CVE-2019-1728 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. | 6.7 |
| 2019-05-15 | CVE-2019-1727 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. | 6.7 |
| 2019-05-15 | CVE-2019-1726 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. | 7.8 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-03-11 | CVE-2019-1618 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Nx-Os A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. | 7.8 |
| 2019-03-11 | CVE-2019-1617 | Improper Control of Dynamically-Managed Code Resources vulnerability in Cisco Nx-Os A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 7.4 |
| 2019-03-11 | CVE-2019-1616 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. | 7.5 |