Nexus 93180yc Fx3 Firmware

nexus_93180yc-fx3_firmware

Vendor: Cisco • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-20012 1Cisco 6Nexus 93180yc Fx3 Firmware Nexus 93180yc Fx3s FirmwareUcs 64108 Firmware+3 more Nov 21, 2024 Feb 23, 2023 N/A· v4 4.6 MEDIUM· v3 N/A· v2 A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access t...Show more A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementation of the password validation function. An attacker could exploit this vulnerability by logging in to the console port on an affected device. A successful exploit could allow the attacker to bypass authentication and execute a limited set of commands local to the FEX, which could cause a device reboot and denial of service (DoS) condition.Show less
CVE-2021-27853 3Cisco IeeeIetf 96Catalyst 6503 E Firmware Catalyst 6504 E FirmwareCatalyst 6506 E Firmware+93 more Nov 4, 2025 Sep 27, 2022 N/A· v4 4.7 MEDIUM· v3 N/A· v2 Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
CVE-2022-20824 1Cisco 141Mds 9506 Firmware Mds 9513 FirmwareMds 9706 Firmware+138 more Nov 21, 2024 Aug 25, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial o...Show more A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Show less
CVE-2022-20823 1Cisco 146Nexus 3016 Firmware Nexus 3016q FirmwareNexus 3048 Firmware+143 more Nov 21, 2024 Aug 25, 2022 N/A· v4 8.6 HIGH· v3 N/A· v2 A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due...Show more A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.Show less