Vulnerabilities > Cisco > NX OS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-18 | CVE-2018-0372 | Resource Exhaustion vulnerability in Cisco Nx-Os 13.0(1K) A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. | 7.5 |
| 2018-06-21 | CVE-2018-0337 | Incorrect Authorization vulnerability in Cisco Nx-Os A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device. | 7.8 |
| 2018-06-21 | CVE-2018-0313 | Injection vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. | 8.8 |
| 2018-06-21 | CVE-2018-0311 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2018-06-21 | CVE-2018-0309 | Resource Exhaustion vulnerability in Cisco Nx-Os 7.0(3)I5(2)/7.0(3)I6(1) A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. | 7.7 |
| 2018-06-21 | CVE-2018-0306 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. | 7.8 |
| 2018-06-21 | CVE-2018-0303 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0302 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 7.8 |
| 2018-06-21 | CVE-2018-0298 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. | 7.5 |
| 2018-06-20 | CVE-2018-0330 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. | 8.8 |