Vulnerabilities > Cisco > NX OS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-06-24 | CVE-2015-4213 | Information Exposure vulnerability in Cisco Nx-Os 1.1(1G) Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391. | 4.0 |
| 2015-06-20 | CVE-2015-4197 | Improper Input Validation vulnerability in Cisco Nx-Os 5.2(5) Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415. | 6.1 |
| 2015-06-12 | CVE-2015-0775 | Resource Management Errors vulnerability in Cisco MDS 9000 Nx-Os, Nexus 1000V and Nx-Os The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182. | 5.0 |
| 2015-04-03 | CVE-2015-0686 | Resource Management Errors vulnerability in Cisco Nx-Os 6.1(2)I2(3) The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240. | 6.3 |
| 2015-02-03 | CVE-2014-8013 | Improper Input Validation vulnerability in Cisco Nx-Os The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182. | 4.9 |
| 2015-01-10 | CVE-2015-0582 | Improper Input Validation vulnerability in Cisco Nx-Os The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to cause a denial of service via crafted traffic, aka Bug ID CSCuo09129. | 5.0 |
| 2014-08-19 | CVE-2014-3341 | Information Exposure vulnerability in Cisco products The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616. | 5.0 |
| 2014-08-11 | CVE-2014-3330 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nexus 9000 and Nx-Os Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489. | 5.0 |
| 2014-06-14 | CVE-2014-3295 | Improper Authentication vulnerability in Cisco Nx-Os The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309. | 4.8 |
| 2014-05-20 | CVE-2013-6975 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217. | 4.6 |