Vulnerabilities > Cisco > NX OS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-14 | CVE-2012-4097 | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn13043. | 4.3 |
| 2013-10-14 | CVE-2012-4077 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651. | 6.8 |
| 2013-10-14 | CVE-2012-4076 | Improper Input Validation vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780. | 6.8 |
| 2013-10-05 | CVE-2012-4141 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os Directory traversal vulnerability in the CLI parser in Cisco NX-OS allows local users to create arbitrary script files via a relative pathname in the "file name" parameter, aka Bug IDs CSCua71557 and CSCua71551. | 6.2 |
| 2013-10-05 | CVE-2012-4122 | Improper Input Validation vulnerability in Cisco Nx-Os The CLI parser in Cisco NX-OS allows local users to bypass intended access restrictions, and overwrite or create arbitrary files, via shell output redirection, aka Bug IDs CSCts56672 and CSCts56669. | 6.2 |
| 2013-10-05 | CVE-2012-4098 | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13055. | 5.0 |
| 2013-10-05 | CVE-2012-4091 | Improper Input Validation vulnerability in Cisco Nx-Os The RIP service engine in Cisco NX-OS allows remote attackers to cause a denial of service (engine restart) via a malformed (1) RIPv4 or (2) RIPv6 message, aka Bug ID CSCtj73415. | 5.0 |
| 2013-10-05 | CVE-2012-4090 | Permissions, Privileges, and Access Controls vulnerability in Cisco products The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID CSCti09089. | 4.0 |
| 2013-09-19 | CVE-2013-1121 | Resource Management Errors vulnerability in Cisco Nx-Os The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service (device reload) via a crafted AS path set, aka Bug ID CSCuf49554. | 5.4 |
| 2013-09-16 | CVE-2013-5496 | Improper Input Validation vulnerability in Cisco Nx-Os Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551. | 6.3 |