Vulnerabilities > Cisco > NX OS > 9.3.13

DATE CVE VULNERABILITY TITLE RISK
2024-08-28 CVE-2024-20284 Unspecified vulnerability in Cisco Nx-Os 9.3(13)
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input.
local
low complexity
cisco
8.8
2024-08-28 CVE-2024-20285 Unspecified vulnerability in Cisco Nx-Os 9.3(13)
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input.
local
low complexity
cisco
8.8
2024-08-28 CVE-2024-20286 Unspecified vulnerability in Cisco Nx-Os 9.3(13)
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input.
local
low complexity
cisco
8.8
2024-07-01 CVE-2024-20399 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands.
local
low complexity
cisco CWE-78
6.7
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-02-23 CVE-2023-20050 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device.
local
low complexity
cisco CWE-78
7.8
2020-02-05 CVE-2020-3120 Integer Overflow or Wraparound vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
low complexity
cisco CWE-190
6.5
2019-08-28 CVE-2019-1963 Improper Input Validation vulnerability in Cisco Nx-Os
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly.
network
low complexity
cisco CWE-20
6.5
2019-07-31 CVE-2019-1901 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges.
low complexity
cisco CWE-119
8.8
2019-05-16 CVE-2019-1858 Improper Handling of Exceptional Conditions vulnerability in Cisco Nx-Os
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly.
network
low complexity
cisco CWE-755
8.6