CVSS: 8.6EPSS: 0%CPEs: 69EXPL: 0CVE-2021-1588 – Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1588
25 Aug 2021 — A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forw... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.6EPSS: 0%CPEs: 63EXPL: 0CVE-2021-1587 – Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1587
25 Aug 2021 — A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a devi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv • CWE-115: Misinterpretation of Input CWE-436: Interpretation Conflict •
CVSS: 8.6EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1586 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1586
25 Aug 2021 — A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.2EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1584 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1584
25 Aug 2021 — A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underly... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1583 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability
https://notcve.org/view.php?id=CVE-2021-1583
25 Aug 2021 — A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitra... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7 • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 1%CPEs: 470EXPL: 0CVE-2021-1387 – Cisco NX-OS Software IPv6 Netstack Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1387
24 Feb 2021 — A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of avai... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 108EXPL: 0CVE-2021-1368 – Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-1368
24 Feb 2021 — A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 43EXPL: 0CVE-2021-1367 – Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1367
24 Feb 2021 — A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition. Una vulnerabilidad en la funcionalidad Pr... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 50EXPL: 0CVE-2021-1361 – Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability
https://notcve.org/view.php?id=CVE-2021-1361
24 Feb 2021 — A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulner... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 4.7EPSS: 0%CPEs: 204EXPL: 0CVE-2021-1231 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1231
24 Feb 2021 — A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allo... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj • CWE-284: Improper Access Control CWE-346: Origin Validation Error •