Vulnerabilities > Cisco > NX OS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-05-07 | CVE-2014-0684 | Improper Input Validation vulnerability in Cisco products Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136. | 4.6 |
| 2014-01-22 | CVE-2014-0677 | Improper Input Validation vulnerability in Cisco Nx-Os The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed Hello messages, aka Bug ID CSCul88851. | 5.0 |
| 2014-01-22 | CVE-2014-0676 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367. | 6.8 |
| 2014-01-08 | CVE-2013-6982 | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174. | 4.3 |
| 2013-12-21 | CVE-2012-4135 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275. | 4.6 |
| 2013-12-21 | CVE-2012-4131 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164. | 4.6 |
| 2013-11-13 | CVE-2013-6683 | Improper Input Validation vulnerability in Cisco Nx-Os The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed packets, aka Bug ID CSCtd15904. | 6.1 |
| 2013-11-08 | CVE-2013-5566 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Nx-Os Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug ID CSCte27874. | 5.0 |
| 2013-10-14 | CVE-2012-4121 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574. | 6.8 |
| 2013-10-14 | CVE-2012-4099 | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065. | 4.3 |