Vulnerabilities > Cisco > NX OS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-15 | CVE-2019-1767 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. | 6.7 |
| 2019-05-15 | CVE-2019-1735 | Argument Injection or Modification vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. | 7.8 |
| 2019-05-15 | CVE-2019-1733 | Cross-site Scripting vulnerability in Cisco Nx-Os A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. | 5.4 |
| 2019-05-15 | CVE-2019-1732 | Improper Locking vulnerability in Cisco Nx-Os A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injection. | 6.4 |
| 2019-05-15 | CVE-2019-1731 | Improper Handling of Exceptional Conditions vulnerability in Cisco Nx-Os A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. | 4.4 |
| 2019-05-15 | CVE-2019-1730 | Unspecified vulnerability in Cisco Nx-Os A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. | 6.7 |
| 2019-05-15 | CVE-2019-1729 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. | 6.0 |
| 2019-05-15 | CVE-2019-1728 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. | 6.7 |
| 2019-05-15 | CVE-2019-1727 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. | 6.7 |
| 2019-05-15 | CVE-2019-1726 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. | 7.8 |