Vulnerabilities > Cisco > NX OS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-15 | CVE-2019-1727 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. | 6.7 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-05-03 | CVE-2019-1589 | Missing Encryption of Sensitive Data vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. | 4.6 |
| 2019-05-03 | CVE-2019-1587 | Improper Input Validation vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. | 4.3 |
| 2019-03-11 | CVE-2019-1615 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. | 6.7 |
| 2019-03-11 | CVE-2019-1613 | Argument Injection or Modification vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. | 6.7 |
| 2019-03-11 | CVE-2019-1612 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. | 6.7 |
| 2019-03-11 | CVE-2019-1611 | Argument Injection or Modification vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. | 6.7 |
| 2019-03-11 | CVE-2019-1610 | Argument Injection or Modification vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. | 6.7 |
| 2019-03-08 | CVE-2019-1609 | Argument Injection or Modification vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. | 6.7 |