NotCVE - vendor:"Cisco" product:"Fx-os" version:" >= 2.4

5 results (0.002 seconds)

CVSS: 7.7EPSS: 0%CPEs: 184EXPL: 0

CVE-2019-1963 – Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2019-1963

28 Aug 2019 — A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A success... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos • CWE-20: Improper Input Validation •

CVSS: 8.6EPSS: 2%CPEs: 205EXPL: 0

CVE-2019-1858 – Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2019-1858

16 May 2019 — A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful e... • http://www.securityfocus.com/bid/108358 • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.2EPSS: 0%CPEs: 112EXPL: 0

CVE-2019-1781 – Cisco FXOS and NX-OS Software Command Injection Vulnerability

https://notcve.org/view.php?id=CVE-2019-1781

15 May 2019 — A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlyin... • http://www.securityfocus.com/bid/108407 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •

CVSS: 7.2EPSS: 0%CPEs: 112EXPL: 0

CVE-2019-1782 – Cisco FXOS and NX-OS Software Command Injection Vulnerability

https://notcve.org/view.php?id=CVE-2019-1782

CVSS: 7.2EPSS: 0%CPEs: 44EXPL: 0

CVE-2019-1611 – Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)

https://notcve.org/view.php?id=CVE-2019-1611

11 Mar 2019 — A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying... • http://www.securityfocus.com/bid/107381 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •