Page 26 of 136 results (0.010 seconds)

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. Switches in the FabricPath domain crash because of an __inst_001__isis_fabricpath hap reset when processing a crafted link-state packet. More Information: CSCvc45002. Known Affected Releases: 7.1(3)N1(2.1) 7.1(3)N1(3.12) 7.3(2)N1(0.296) 8.0(1)S2. Known Fixed Releases: 6.2(18)S11 7.0(3)I5(1.170) 7.0(3)I5(2) 7.1(4)N1(0.4) 7.1(4)N1(1b) 7.1(5)N1(0.986) 7.1(5)N1(1) 7.2(3)D1(0.8) 7.3(2)N1(0.304) 7.3(2)N1(1) 8.0(0.96)S0 8.0(1) 8.0(1)E1 8.0(1)S4 8.3(0)CV(0.788). • http://www.securityfocus.com/bid/95638 http://www.securitytracker.com/id/1037658 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-nexus •

CVSS: 10.0EPSS: 2%CPEs: 46EXPL: 0

Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701. Desbordamiento de búfer en la funcionalidad Overlay Transport Virtualization (OTV) GRE en Cisco NX-OS 5.0 hasta la versión 7.3 en dispositivos Nexus 7000 y 7700 permite a atacantes remotos ejecutar código arbitrario a través de parámetros largos en una cabecera de paquete, vulnerabilidad también conocida como Bug ID CSCuy95701. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv http://www.securityfocus.com/bid/93409 http://www.securitytracker.com/id/1036946 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.1EPSS: 0%CPEs: 65EXPL: 0

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417. Cisco NX-OS 4.0 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) aprovechando una relación entre iguales para enviar un mensaje BGP UPDATE manipulado, vulnerabilidad también conocida como Bug IDs CSCuq77105 y CSCux11417. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp http://www.securityfocus.com/bid/93417 http://www.securitytracker.com/id/1036950 • CWE-20: Improper Input Validation •

CVSS: 9.0EPSS: 0%CPEs: 250EXPL: 0

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492. Cisco NX-OS 4.0 hasta la versión 7.3 en Multilayer Director y dispositivos Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a usuarios remotos autenticados eludir restricciones AAA destinadas y obtener un acceso CLI privilegiado a través de parámetros manipulados en una negociación de conexión SSH, vulnerabilidad también conocida como Bug IDs CSCum35502, CSCuw78669, CSCuw79754 y CSCux88492. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa http://www.securityfocus.com/bid/93410 http://www.securitytracker.com/id/1036947 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 145EXPL: 0

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171. Cisco NX-OS 4.1 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de paquetes DHCP IPv4 manipulados a los agentes de retransmisión (1) DHCPv4 o (2) smart, vulnerabilidad también conocida como Bug IDs CSCuq24603, CSCur93159, CSCus21693 y CSCut76171. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1 http://www.securityfocus.com/bid/93406 http://www.securitytracker.com/id/1036948 • CWE-399: Resource Management Errors •