Summary
Detail | |||
---|---|---|---|
Vendor | Cisco | First view | 2012-02-16 |
Product | Nexus 7000 18-Slot | Last view | 2014-05-25 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:* | 12 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2014-05-25 | CVE-2014-2201 | The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915. |
7.1 | 2014-05-25 | CVE-2013-1191 | Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400. |
4.6 | 2014-05-07 | CVE-2014-0684 | Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136. |
4 | 2013-10-05 | CVE-2012-4090 | The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID CSCti09089. |
6.1 | 2013-04-29 | CVE-2013-1226 | The Ethernet frame-forwarding implementation in Cisco NX-OS on Nexus 7000 devices allows remote attackers to cause a denial of service (forwarding loop and service outage) via a crafted frame, aka Bug ID CSCug47098. |
9 | 2013-04-25 | CVE-2013-1180 | Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822. |
9 | 2013-04-25 | CVE-2013-1179 | Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830. |
8.3 | 2013-04-25 | CVE-2013-1178 | Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275. |
4.9 | 2013-01-19 | CVE-2012-6396 | Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a crafted configuration that references interfaces that do not exist on the new card, aka Bug ID CSCud44300. |
6.1 | 2012-09-16 | CVE-2012-3051 | Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822. |
7.8 | 2012-08-06 | CVE-2012-2469 | Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when the High Availability (HA) policy is configured for Reset, allows remote attackers to cause a denial of service (device reset) via a malformed Cisco Discovery Protocol (CDP) packet, aka Bug IDs CSCtk34535 and CSCtk19132. |
7.8 | 2012-02-16 | CVE-2012-0352 | Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before 5.1.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (netstack process crash and device reload) via a malformed IP packet, aka Bug IDs CSCti23447, CSCti49507, and CSCtj01991. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
44% (4) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
22% (2) | CWE-399 | Resource Management Errors |
22% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
11% (1) | CWE-20 | Improper Input Validation |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2014-A-0077 | Multiple Vulnerabilities in Cisco NX-OS Products Severity: Category I - VMSKEY: V0051611 |
2013-A-0100 | Multiple Vulnerabilities in Cisco NX-OS-Based Products Severity: Category I - VMSKEY: V0037772 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-05-30 | Name: The remote device is running a vulnerable version of NX-OS. File: cisco-sa-20140521-nxos.nasl - Type: ACT_GATHER_INFO |
2013-05-31 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20130424-nxosmulti-nxos.nasl - Type: ACT_GATHER_INFO |