Page 23 of 123 results (0.022 seconds)

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. Switches in the FabricPath domain crash because of an __inst_001__isis_fabricpath hap reset when processing a crafted link-state packet. More Information: CSCvc45002. Known Affected Releases: 7.1(3)N1(2.1) 7.1(3)N1(3.12) 7.3(2)N1(0.296) 8.0(1)S2. Known Fixed Releases: 6.2(18)S11 7.0(3)I5(1.170) 7.0(3)I5(2) 7.1(4)N1(0.4) 7.1(4)N1(1b) 7.1(5)N1(0.986) 7.1(5)N1(1) 7.2(3)D1(0.8) 7.3(2)N1(0.304) 7.3(2)N1(1) 8.0(0.96)S0 8.0(1) 8.0(1)E1 8.0(1)S4 8.3(0)CV(0.788). • http://www.securityfocus.com/bid/95638 http://www.securitytracker.com/id/1037658 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-nexus •

CVSS: 10.0EPSS: 2%CPEs: 46EXPL: 0

Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701. Desbordamiento de búfer en la funcionalidad Overlay Transport Virtualization (OTV) GRE en Cisco NX-OS 5.0 hasta la versión 7.3 en dispositivos Nexus 7000 y 7700 permite a atacantes remotos ejecutar código arbitrario a través de parámetros largos en una cabecera de paquete, vulnerabilidad también conocida como Bug ID CSCuy95701. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv http://www.securityfocus.com/bid/93409 http://www.securitytracker.com/id/1036946 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 134EXPL: 0

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via malformed IPv4 DHCP packets to the DHCPv4 relay agent, aka Bug IDs CSCuq39250, CSCus21733, CSCus21739, CSCut76171, and CSCux67182. Cisco NX-OS 4.1 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de paquetes IPv4 DHCP malformados al agente de retransmisión DHCPv4, vulnerabilidad también conocida como Bug IDs CSCuq39250, CSCus21733, CSCus21739, CSCut76171 y CSCux67182. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2 http://www.securityfocus.com/bid/93419 http://www.securitytracker.com/id/1036949 • CWE-399: Resource Management Errors •

CVSS: 7.1EPSS: 0%CPEs: 65EXPL: 0

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417. Cisco NX-OS 4.0 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) aprovechando una relación entre iguales para enviar un mensaje BGP UPDATE manipulado, vulnerabilidad también conocida como Bug IDs CSCuq77105 y CSCux11417. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp http://www.securityfocus.com/bid/93417 http://www.securitytracker.com/id/1036950 • CWE-20: Improper Input Validation •

CVSS: 9.0EPSS: 0%CPEs: 250EXPL: 0

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492. Cisco NX-OS 4.0 hasta la versión 7.3 en Multilayer Director y dispositivos Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a usuarios remotos autenticados eludir restricciones AAA destinadas y obtener un acceso CLI privilegiado a través de parámetros manipulados en una negociación de conexión SSH, vulnerabilidad también conocida como Bug IDs CSCum35502, CSCuw78669, CSCuw79754 y CSCux88492. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa http://www.securityfocus.com/bid/93410 http://www.securitytracker.com/id/1036947 • CWE-264: Permissions, Privileges, and Access Controls •