Vulnerabilities > Cisco > NX OS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-28 | CVE-2019-1965 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Nx-Os A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. | 7.7 |
| 2019-08-28 | CVE-2019-1964 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. | 7.5 |
| 2019-08-28 | CVE-2019-1962 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. | 7.5 |
| 2019-07-31 | CVE-2019-1901 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. | 8.8 |
| 2019-05-16 | CVE-2019-1858 | Improper Handling of Exceptional Conditions vulnerability in Cisco Nx-Os A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. | 8.6 |
| 2019-05-15 | CVE-2019-1735 | Argument Injection or Modification vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. | 7.8 |
| 2019-05-15 | CVE-2019-1726 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. | 7.8 |
| 2019-05-03 | CVE-2019-1836 | Link Following vulnerability in Cisco Nx-Os 14.0(3D) A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to overwrite system files. | 7.1 |
| 2019-05-03 | CVE-2019-1592 | Improper Input Validation vulnerability in Cisco Nx-Os 14.1(0.90) A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. | 7.8 |
| 2019-05-03 | CVE-2019-1590 | Improper Certificate Validation vulnerability in Cisco Nx-Os 14.1(0.90)/8.3(0)Sk(0.39) A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. | 8.1 |