CVSS: 7.4EPSS: 0%CPEs: 34EXPL: 0CVE-2019-1890 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability
https://notcve.org/view.php?id=CVE-2019-1890
A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints. • http://www.securityfocus.com/bid/109052 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 0%CPEs: 205EXPL: 0CVE-2019-1858 – Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1858
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. • http://www.securityfocus.com/bid/108358 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.2EPSS: 0%CPEs: 73EXPL: 0CVE-2019-1811 – Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-1811
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. Una vulnerabilidad en la función Image Signature Verification del programa Cisco NX-OS podría permitir que un atacante local autenticado con credenciales de administrador para instalar una imagen de programa malintencionado en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del programa no se verifican correctamente durante la ejecución del comando CLI. • http://www.securityfocus.com/bid/108425 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.2EPSS: 0%CPEs: 73EXPL: 0CVE-2019-1812 – Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-1812
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. Una vulnerabilidad en la función Image Signature Verification del software Cisco NX-OS podría permitir que un atacante local autenticado con credenciales de administrador para instalar una imagen de software malintencionado en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del software no se verifican correctamente durante la ejecución del comando CLI. • http://www.securityfocus.com/bid/108425 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.2EPSS: 0%CPEs: 73EXPL: 0CVE-2019-1813 – Cisco NX-OS CLI Command Software Image Signature Verification Vulnerability
https://notcve.org/view.php?id=CVE-2019-1813
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. Una vulnerabilidad en la función Image Signature Verification del programa NX-OS de Cisco podría permitir que un atacante local autenticado con credenciales de administrador para instalar una imagen de programa malintencionado en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del programa no se verifican correctamente durante la ejecución del comando CLI. • http://www.securityfocus.com/bid/108425 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 • CWE-347: Improper Verification of Cryptographic Signature •