CVSS: 6.7EPSS: 0%CPEs: 475EXPL: 1CVE-2024-20399 – Cisco NX-OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-20399
01 Jul 2024 — A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary c... • https://github.com/Blootus/CVE-2024-20399-Cisco-RCE • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.1EPSS: 0%CPEs: 87EXPL: 0CVE-2023-20168
https://notcve.org/view.php?id=CVE-2023-20168
23 Aug 2023 — A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 171EXPL: 0CVE-2023-20050 – Cisco NX-OS Software CLI Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-20050
23 Feb 2023 — A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating syst... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cli-cmdinject-euQVK9u • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 288EXPL: 0CVE-2022-20824 – Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-20824
25 Aug 2022 — A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected de... • https://security.netapp.com/advisory/ntap-20220923-0001 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 2%CPEs: 118EXPL: 0CVE-2022-20625 – Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20625
23 Feb 2022 — A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected devi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG • CWE-399: Resource Management Errors •
CVSS: 7.4EPSS: 0%CPEs: 251EXPL: 0CVE-2021-34714 – Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34714
23 Sep 2021 — A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to ca... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 17EXPL: 0CVE-2020-3170 – Cisco NX-OS Software NX-API Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3170
26 Feb 2020 — A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; howe... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 119EXPL: 0CVE-2020-3172 – Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3172
26 Feb 2020 — A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful expl... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 82EXPL: 0CVE-2020-3174 – Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability
https://notcve.org/view.php?id=CVE-2020-3174
26 Feb 2020 — A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.6EPSS: 2%CPEs: 14EXPL: 0CVE-2020-3175 – Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3175
26 Feb 2020 — A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as h... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-mds-ovrld-dos • CWE-400: Uncontrolled Resource Consumption CWE-664: Improper Control of a Resource Through its Lifetime •