CVSS: 8.6EPSS: 1%CPEs: 386EXPL: 0CVE-2020-3517 – Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3517
27 Aug 2020 — A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 679EXPL: 0CVE-2020-3217 – Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3217
03 Jun 2020 — A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient length restrictions when the onePK Topology Discovery Service parses Cisco Discovery Protocol messages. An attacker could exploit this vulnerability ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 17EXPL: 0CVE-2020-3170 – Cisco NX-OS Software NX-API Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3170
26 Feb 2020 — A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; howe... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 119EXPL: 0CVE-2020-3172 – Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3172
26 Feb 2020 — A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful expl... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 82EXPL: 0CVE-2020-3174 – Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability
https://notcve.org/view.php?id=CVE-2020-3174
26 Feb 2020 — A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.8EPSS: 7%CPEs: 120EXPL: 0CVE-2020-3119 – Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3119
05 Feb 2020 — A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit co... • http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 208EXPL: 0CVE-2020-3120 – Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3120
05 Feb 2020 — A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected devi... • http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 92EXPL: 0CVE-2019-12717 – Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-12717
25 Sep 2019 — A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0CVE-2019-12662 – Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-12662
25 Sep 2019 — A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected devic... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.5EPSS: 0%CPEs: 114EXPL: 0CVE-2019-1968 – Cisco NX-OS Software NX-API Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1968
29 Aug 2019 — A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; howe... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos • CWE-20: Improper Input Validation CWE-116: Improper Encoding or Escaping of Output •