CVSS: 7.8EPSS: 1%CPEs: 105EXPL: 0CVE-2018-0311
https://notcve.org/view.php?id=CVE-2018-0311
21 Jun 2018 — A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful... • http://www.securitytracker.com/id/1041169 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 101EXPL: 0CVE-2018-0331
https://notcve.org/view.php?id=CVE-2018-0331
21 Jun 2018 — A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could ... • http://www.securitytracker.com/id/1041169 • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 80EXPL: 0CVE-2018-0291
https://notcve.org/view.php?id=CVE-2018-0291
20 Jun 2018 — A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application ... • http://www.securitytracker.com/id/1041169 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 2%CPEs: 67EXPL: 0CVE-2017-3883
https://notcve.org/view.php?id=CVE-2017-3883
19 Oct 2017 — A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS ... • http://www.securityfocus.com/bid/101493 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
07 Aug 2017 — Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit... • http://www.securityfocus.com/bid/100005 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 250EXPL: 0CVE-2015-0721
https://notcve.org/view.php?id=CVE-2015-0721
06 Oct 2016 — Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492. Cisco NX-OS 4.0 hasta la versión 7.3 en Multilayer Director y dispositivos Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 1%CPEs: 65EXPL: 0CVE-2016-1454
https://notcve.org/view.php?id=CVE-2016-1454
06 Oct 2016 — Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417. Cisco NX-OS 4.0 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 0CVE-2016-1465
https://notcve.org/view.php?id=CVE-2016-1465
28 Jul 2016 — Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID CSCuw57985. Dispositivos Cisco Nexus 1000v Application Virtual Switch (AVS) en versiones anteriores a 5.2(1)SV3(1.5i) permiten a atacantes remotos provocar una denegación de servicio (caída de hipervisor ESXi y pantalla morada) a tra... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-avs • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 2%CPEs: 4891EXPL: 0CVE-2016-1409
https://notcve.org/view.php?id=CVE-2016-1409
29 May 2016 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. El protocolo de implementación Neighbor Discovery (ND) en la pila IPv6 en Cisco IOS XE 2.1 hasta la versión 3.17S, IOS XR 2.0.0 hasta la versión 5.3.2 y NX-OS permite a atacantes remotos provocar una den... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 24%CPEs: 64EXPL: 1CVE-2014-3341
https://notcve.org/view.php?id=CVE-2014-3341
19 Aug 2014 — The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616. El módulo SNMP en Cisco NX-OS 7.0(3)N1(1) y anteriores en los dispositivos Nexus 5000 y 6000 proporciona mensajes de error diferentes para solicitudes inválidas dependiendo de si existe el ID VLAN, lo que permite a atacantes remotos... • https://github.com/ehabhussein/snmpvlan • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •