Vulnerabilities > Cisco > NX OS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-20399 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. | 6.7 |
| 2023-08-23 | CVE-2023-20115 | Unspecified vulnerability in Cisco Nx-Os A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. | 5.4 |
| 2023-08-23 | CVE-2023-20168 | Improper Input Validation vulnerability in Cisco Nx-Os 10.2(5)/9.3(11) A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. | 6.5 |
| 2023-02-23 | CVE-2023-20089 | Memory Leak vulnerability in Cisco Nx-Os A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. | 6.5 |
| 2022-02-23 | CVE-2022-20625 | Unspecified vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. low complexity cisco | 4.3 |
| 2021-08-25 | CVE-2021-1583 | Unspecified vulnerability in Cisco Nx-Os 14.2(7F) A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. | 4.4 |
| 2021-08-25 | CVE-2021-1584 | OS Command Injection vulnerability in Cisco Nx-Os 14.2(7F) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2021-08-25 | CVE-2021-1590 | Unspecified vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. | 5.3 |
| 2021-08-25 | CVE-2021-1591 | Unspecified vulnerability in Cisco Nx-Os 9.3(4) A vulnerability in the EtherChannel port subscription logic of Cisco Nexus 9500 Series Switches could allow an unauthenticated, remote attacker to bypass access control list (ACL) rules that are configured on an affected device. | 5.3 |
| 2021-02-24 | CVE-2021-1367 | Improper Input Validation vulnerability in Cisco Nx-Os 9.3(5) A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 4.3 |