CVSS: 5.1EPSS: 0%CPEs: 81EXPL: 0CVE-2019-1731 – Cisco NX-OS Software SSH Key Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-1731
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. • http://www.securityfocus.com/bid/108353 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 100EXPL: 0CVE-2019-1690 – Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability
https://notcve.org/view.php?id=CVE-2019-1690
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected. • http://www.securityfocus.com/bid/107317 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 101EXPL: 0CVE-2018-0331
https://notcve.org/view.php?id=CVE-2018-0331
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007. • http://www.securitytracker.com/id/1041169 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 7.7EPSS: 0%CPEs: 41EXPL: 0CVE-2018-0309
https://notcve.org/view.php?id=CVE-2018-0309
A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136. • http://www.securitytracker.com/id/1041169 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 98EXPL: 0CVE-2018-0306
https://notcve.org/view.php?id=CVE-2018-0306
A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Note: This vulnerability requires that any feature license is uploaded to the device. • http://www.securitytracker.com/id/1041169 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •