Vulnerabilities > Cisco > NX OS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-26 | CVE-2020-3170 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. | 5.3 |
| 2020-02-26 | CVE-2020-3168 | Resource Exhaustion vulnerability in Cisco Nx-Os 5.2(1)Sv3(4.1A) A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI. | 7.5 |
| 2020-02-26 | CVE-2020-3165 | Use of Hard-coded Credentials vulnerability in Cisco Nx-Os A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. | 8.2 |
| 2020-02-05 | CVE-2020-3120 | Integer Overflow or Wraparound vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. | 6.5 |
| 2020-02-05 | CVE-2020-3119 | Out-of-bounds Write vulnerability in Cisco Nx-Os A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. | 8.8 |
| 2019-11-05 | CVE-2019-1734 | Unspecified vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. | 5.5 |
| 2019-09-25 | CVE-2019-12717 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. | 7.8 |
| 2019-09-25 | CVE-2019-12662 | Improper Verification of Cryptographic Signature vulnerability in Cisco products A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. | 6.7 |
| 2019-08-30 | CVE-2019-1977 | State Issues vulnerability in Cisco Nx-Os A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. | 7.5 |
| 2019-08-30 | CVE-2019-1969 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. | 5.3 |