Nx Os

nx_os

Vendor: Cisco • 275 CVEs

CVEs (275)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-4099 1Cisco 1Nx Os Apr 29, 2026 Oct 14, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065.
CVE-2012-4097 1Cisco 1Nx Os Apr 29, 2026 Oct 14, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn130...Show more The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn13043.Show less
CVE-2012-4077 1Cisco 1Nx Os Apr 29, 2026 Oct 14, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651.
CVE-2012-4076 1Cisco 1Nx Os Apr 29, 2026 Oct 14, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780.
CVE-2012-4141 1Cisco 1Nx Os Apr 29, 2026 Oct 5, 2013 N/A· v4 N/A· v3 6.2 MEDIUM· v2 Directory traversal vulnerability in the CLI parser in Cisco NX-OS allows local users to create arbitrary script files via a relative pathname in the "file name" parameter, aka Bug IDs CSCua71557 and CSCua71551.
CVE-2012-4122 1Cisco 1Nx Os Apr 29, 2026 Oct 5, 2013 N/A· v4 N/A· v3 6.2 MEDIUM· v2 The CLI parser in Cisco NX-OS allows local users to bypass intended access restrictions, and overwrite or create arbitrary files, via shell output redirection, aka Bug IDs CSCts56672 and CSCts56669.
CVE-2012-4098 1Cisco 1Nx Os Apr 29, 2026 Oct 5, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13055.
CVE-2012-4091 1Cisco 1Nx Os Apr 29, 2026 Oct 5, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The RIP service engine in Cisco NX-OS allows remote attackers to cause a denial of service (engine restart) via a malformed (1) RIPv4 or (2) RIPv6 message, aka Bug ID CSCtj73415.
CVE-2012-4090 1Cisco 5Nexus 7000 Nexus 7000 10 SlotNexus 7000 18 Slot+2 more Apr 29, 2026 Oct 5, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID CSCti09089.
CVE-2012-4075 1Cisco 1Nx Os Apr 29, 2026 Oct 5, 2013 N/A· v4 N/A· v3 7.2 HIGH· v2 Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788.
CVE-2013-1121 1Cisco 1Nx Os Apr 29, 2026 Sep 19, 2013 N/A· v4 N/A· v3 5.4 MEDIUM· v2 The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service (device reload) via a crafted AS path se...Show more The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service (device reload) via a crafted AS path set, aka Bug ID CSCuf49554.Show less
CVE-2013-5496 1Cisco 1Nx Os Apr 29, 2026 Sep 16, 2013 N/A· v4 N/A· v3 6.3 MEDIUM· v2 Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551.
CVE-2013-0149 1Cisco 7Asa 5500 FwsmIos+4 more Apr 29, 2026 Aug 5, 2013 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advert...Show more The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.Show less
CVE-2013-3400 1Cisco 2Nexus 1000v Nx Os Apr 29, 2026 Jul 10, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824.
CVE-2013-1213 1Cisco 2Nexus 1000v Nx Os Apr 29, 2026 May 29, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco NX-OS on the Nexus 1000V does not assign the proper priority to heartbeat messages from a Virtual Ethernet Module (VEM) to a Virtual Supervisor Module (VSM), which allows remote attackers to cause a denial of servi...Show more Cisco NX-OS on the Nexus 1000V does not assign the proper priority to heartbeat messages from a Virtual Ethernet Module (VEM) to a Virtual Supervisor Module (VSM), which allows remote attackers to cause a denial of service (false VEM unavailability report) via a flood of UDP packets, aka Bug ID CSCud14840.Show less
CVE-2013-1212 1Cisco 2Nexus 1000v Nx Os Apr 29, 2026 May 29, 2013 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module (VSM) to V...Show more The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module (VSM) to VMware vCenter communication, via a crafted certificate, aka Bug ID CSCud14837.Show less
CVE-2013-1211 1Cisco 1Nx Os Apr 29, 2026 May 29, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM access via (1) spoofe...Show more Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM access via (1) spoofed STUN packets or (2) a crafted VMware ESXi instance, aka Bug ID CSCud14832.Show less
CVE-2013-1210 1Cisco 1Nx Os Apr 29, 2026 May 29, 2013 N/A· v4 N/A· v3 5.4 MEDIUM· v2 Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of service (ESXi crash and...Show more Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of service (ESXi crash and purple screen of death) by sending crafted STUN packets to a VEM, aka Bug ID CSCud14825.Show less
CVE-2013-1209 1Cisco 1Nx Os Apr 29, 2026 May 29, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The encryption functionality in the Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication component in Cisco NX-OS on the Nexus 1000V does not properly authenticate VSM/VEM packets, which allows...Show more The encryption functionality in the Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication component in Cisco NX-OS on the Nexus 1000V does not properly authenticate VSM/VEM packets, which allows remote attackers to disable packet-level encryption and integrity protection via crafted packets, aka Bug ID CSCud14710.Show less
CVE-2013-1208 1Cisco 1Nx Os Apr 29, 2026 May 29, 2013 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers to intercept or modify...Show more The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID CSCud14691.Show less

Previous 1...10 11 121314 Next