Vulnerabilities > Cisco > NX OS > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-27 | CVE-2020-3504 | Resource Exhaustion vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. | 3.3 |
| 2020-02-26 | CVE-2020-3174 | Insufficient Verification of Data Authenticity vulnerability in Cisco Nx-Os 8.1(1)/8.4(1)/9.3(1) A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. | 3.3 |
| 2019-05-15 | CVE-2019-1731 | Information Exposure vulnerability in Cisco Nx-Os A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. | 2.1 |
| 2019-05-15 | CVE-2019-1733 | Cross-site Scripting vulnerability in Cisco Nx-Os A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. | 3.5 |
| 2019-05-03 | CVE-2019-1589 | Information Exposure vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. | 2.1 |
| 2019-03-06 | CVE-2019-1588 | Improper Privilege Management vulnerability in Cisco Nx-Os A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected device. | 2.1 |
| 2018-01-18 | CVE-2018-0092 | Missing Authorization vulnerability in Cisco Nx-Os 7.0(3)I5(2)/7.0(3)I6(1)/7.0(3)I7(1) A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. | 3.6 |
| 2017-11-30 | CVE-2017-12338 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. | 2.1 |
| 2017-06-13 | CVE-2017-6655 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. | 3.3 |
| 2015-07-03 | CVE-2015-4231 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os 6.2(8A) The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416. | 3.6 |