CVSS: 8.6EPSS: 0%CPEs: 33EXPL: 0CVE-2022-20623 – Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20623
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is due to a logic error in the BFD rate limiter functionality. An attacker could exploit this vulnerability by sending a crafted stream of traffic through the device. A successful exploit could allow the attacker to cause BFD traffic to be dropped, resulting in BFD session flaps. BFD session flaps can cause route instability and dropped traffic, resulting in a denial of service (DoS) condition. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn • CWE-399: Resource Management Errors •
CVSS: 9.0EPSS: 0%CPEs: 67EXPL: 0CVE-2022-20650 – Cisco NX-OS Software NX-API Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-20650
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the NX-API of an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. Note: The NX-API feature is disabled by default. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.6EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1586 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1586
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. Una vulnerabilidad en las configuraciones de red Multi-Pod o Multi-Site para Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podría permitir a un atacante remoto no autenticado reiniciar inesperadamente el dispositivo, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.2EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1584 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1584
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root. Una vulnerabilidad en Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podría permitir a un atacante local autenticado elevar los privilegios en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1583 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability
https://notcve.org/view.php?id=CVE-2021-1583
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device. Una vulnerabilidad en el control de acceso al sistema de archivos de la infraestructura de fábrica de Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podría permitir a un atacante local autenticado leer archivos arbitrarios en un sistema afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7 • CWE-284: Improper Access Control •