Vulnerabilities > Cisco > NX OS > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-23 CVE-2022-20624 Improper Input Validation vulnerability in Cisco Nx-Os
A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
7.5
2022-02-23 CVE-2022-20650 OS Command Injection vulnerability in Cisco Nx-Os 10.2(1.72)/7.3(8)N1(0.4)
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges.
network
low complexity
cisco CWE-78
8.8
2021-09-23 CVE-2021-34714 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload.
low complexity
cisco CWE-20
7.4
2021-08-25 CVE-2021-1586 Insufficient Verification of Data Authenticity vulnerability in Cisco Nx-Os 15.0(2E)/15.1(1H)
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-345
8.6
2021-08-25 CVE-2021-1587 Interpretation Conflict vulnerability in Cisco Nx-Os
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-436
8.6
2021-08-25 CVE-2021-1588 Out-of-bounds Read vulnerability in Cisco Nx-Os 7.0(3)I7(9)/8.4(1)/9.3(7)
A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-125
8.6
2021-08-25 CVE-2021-1523 Missing Release of Resource after Effective Lifetime vulnerability in Cisco Nx-Os 13.2(3N)/14.2(4I)
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped.
network
low complexity
cisco CWE-772
8.6
2021-02-24 CVE-2021-1387 Unspecified vulnerability in Cisco Nx-Os and Unified Computing System
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco
8.6
2021-02-24 CVE-2021-1368 Unspecified vulnerability in Cisco Nx-Os and Unified Computing System
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device.
low complexity
cisco
8.8
2021-02-24 CVE-2021-1230 Unspecified vulnerability in Cisco Nx-Os
A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition.
network
low complexity
cisco
7.5