CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from – Published: 2023-10-10 00:00 – Updated: 2025-11-04 21:08
VLAI?
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2025-11-04T21:08:27.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-10136 (GCVE-0-2020-10136)
Vulnerability from – Published: 2020-06-02 08:35 – Updated: 2025-11-03 20:33
VLAI?
Title
IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic
Summary
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
Severity ?
No CVSS data available.
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IETF | RFC2003 - IP Encapsulation within IP |
Affected:
STD 1
|
Credits
Thanks to Yannay Livneh for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:33:32.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#636397",
"tags": [
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/636397/"
},
{
"tags": [
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.digi.com/resources/security"
},
{
"name": "VU#636397",
"tags": [
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/636397"
},
{
"name": "Security Concerns with IP Tunneling",
"tags": [
"x_transferred"
],
"url": "https://datatracker.ietf.org/doc/html/rfc6169"
},
{
"url": "https://www.kb.cert.org/vuls/id/199397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RFC2003 - IP Encapsulation within IP",
"vendor": "IETF",
"versions": [
{
"status": "affected",
"version": "STD 1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Yannay Livneh for reporting this issue."
}
],
"datePublic": "2020-06-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T21:10:04.191Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#636397",
"url": "https://kb.cert.org/vuls/id/636397/"
},
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4"
},
{
"url": "https://www.digi.com/resources/security"
},
{
"name": "VU#636397",
"url": "https://www.kb.cert.org/vuls/id/636397"
},
{
"name": "Security Concerns with IP Tunneling",
"url": "https://datatracker.ietf.org/doc/html/rfc6169"
}
],
"solutions": [
{
"lang": "en",
"value": "Customers should apply the latest patch provided by the affected vendor that addresses this issue and prevents unspecified IP-in-IP packets from being processed. Devices manufacturers are urged to disable IP-in-IP in their default configuration and require their customers to explicitly configure IP-in-IP as and when needed."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic",
"workarounds": [
{
"lang": "en",
"value": "Users can block IP-in-IP packets by filtering IP protocol number 4. Note this filtering is for the IPv4 Protocol (or IPv6 Next Header) field value of 4 and not IP protocol version 4 (IPv4)."
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2020-10136",
"datePublished": "2020-06-02T08:35:12.921Z",
"dateReserved": "2020-03-05T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:33:32.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-20399 (GCVE-0-2024-20399)
Vulnerability from – Published: 2024-07-01 16:11 – Updated: 2025-10-21 18:43
VLAI?
Title
Cisco NX-OS Software CLI Command Injection Vulnerability
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.
Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:
Nexus 3000 Series Switches
Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later
Nexus 9000 Series Switches in standalone NX-OS mode
Severity ?
6 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
8.2(5)
Affected: 7.3(6)N1(1a) Affected: 7.3(5)D1(1) Affected: 8.4(2) Affected: 7.3(6)N1(1) Affected: 6.2(2) Affected: 8.4(3) Affected: 9.2(3) Affected: 7.0(3)I5(2) Affected: 8.2(1) Affected: 6.0(2)A8(7a) Affected: 7.0(3)I4(5) Affected: 6.0(2)A6(1) Affected: 7.3(1)D1(1) Affected: 6.2(14a) Affected: 7.0(3)I4(6) Affected: 7.3(4)N1(1) Affected: 7.0(3)I4(3) Affected: 9.2(2v) Affected: 6.0(2)A6(5b) Affected: 7.3(0)D1(1) Affected: 6.2(17a) Affected: 7.0(3)I4(7) Affected: 6.0(2)U6(1a) Affected: 7.1(5)N1(1b) Affected: 7.0(3)I4(1) Affected: 7.0(3)I4(8) Affected: 7.0(3)I4(2) Affected: 7.1(4)N1(1c) Affected: 7.0(3)IM3(1) Affected: 6.0(2)U6(5a) Affected: 6.0(2)A8(11) Affected: 6.0(2)A6(4a) Affected: 6.2(9) Affected: 6.2(5) Affected: 7.3(4)D1(1) Affected: 6.2(20) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 7.0(3)I4(1t) Affected: 6.0(2)U6(5c) Affected: 6.0(2)A6(4) Affected: 7.0(3)I7(6z) Affected: 9.3(2) Affected: 7.3(1)DY(1) Affected: 7.0(3)F3(3) Affected: 6.0(2)U6(6) Affected: 6.2(29) Affected: 7.0(3)I7(3z) Affected: 7.0(3)IM7(2) Affected: 6.0(2)A8(11b) Affected: 6.2(9a) Affected: 7.3(0)N1(1) Affected: 7.0(3)I7(5a) Affected: 6.2(11d) Affected: 8.1(1) Affected: 7.0(3)I6(1) Affected: 6.0(2)U6(10) Affected: 7.2(2)D1(2) Affected: 7.0(3)IM3(2) Affected: 6.0(2)A6(8) Affected: 8.2(2) Affected: 6.0(2)U6(1) Affected: 7.3(2)N1(1c) Affected: 7.0(3)I5(3b) Affected: 8.3(2) Affected: 7.3(5)N1(1) Affected: 6.0(2)A6(2a) Affected: 7.3(2)N1(1b) Affected: 6.2(27) Affected: 7.3(2)D1(3a) Affected: 7.3(1)N1(1) Affected: 6.0(2)U6(7) Affected: 9.2(4) Affected: 7.1(4)N1(1a) Affected: 7.1(3)N1(4) Affected: 7.0(3)IM3(2a) Affected: 6.2(8b) Affected: 6.0(2)A8(10) Affected: 7.1(3)N1(2) Affected: 6.2(13) Affected: 6.0(2)A8(2) Affected: 7.0(3)IC4(4) Affected: 6.2(1) Affected: 7.3(4)N1(1a) Affected: 8.1(2) Affected: 6.0(2)A6(3) Affected: 6.0(2)U6(5b) Affected: 7.0(3)F3(3c) Affected: 7.3(3)D1(1) Affected: 7.0(3)F3(1) Affected: 6.0(2)U6(5) Affected: 7.0(3)F3(5) Affected: 7.1(2)N1(1) Affected: 7.1(3)N1(3) Affected: 8.2(3) Affected: 6.0(2)A6(7) Affected: 7.0(3)I7(2) Affected: 6.2(5a) Affected: 6.2(18) Affected: 6.0(2)A6(5) Affected: 7.0(3)IM3(2b) Affected: 7.1(3)N1(1) Affected: 6.0(2)U6(4a) Affected: 7.0(3)I5(3) Affected: 7.0(3)I7(3) Affected: 6.0(2)A8(6) Affected: 7.0(3)I6(2) Affected: 8.3(1) Affected: 6.2(3) Affected: 6.2(22) Affected: 7.1(1)N1(1) Affected: 8.4(1) Affected: 8.1(1b) Affected: 7.3(0)N1(1b) Affected: 7.2(2)D1(4) Affected: 6.0(2)A8(5) Affected: 7.3(0)DX(1) Affected: 7.1(4)N1(1d) Affected: 7.3(2)D1(1) Affected: 7.3(2)N1(1) Affected: 6.0(2)U6(8) Affected: 7.1(1)N1(1a) Affected: 7.0(3)IM3(3) Affected: 9.3(1) Affected: 6.0(2)U6(2) Affected: 6.2(9b) Affected: 7.1(3)N1(2a) Affected: 7.3(0)N1(1a) Affected: 6.0(2)A8(7) Affected: 7.0(3)I7(6) Affected: 7.3(2)D1(2) Affected: 6.2(25) Affected: 6.0(2)U6(3a) Affected: 8.0(1) Affected: 6.0(2)A8(11a) Affected: 6.2(11e) Affected: 7.1(3)N1(5) Affected: 7.0(3)I4(8z) Affected: 6.2(11) Affected: 7.0(3)I4(9) Affected: 6.2(16) Affected: 6.2(19) Affected: 8.2(4) Affected: 6.2(2a) Affected: 7.2(2)D1(3) Affected: 7.1(0)N1(1b) Affected: 7.0(3)I7(4) Affected: 7.0(3)I7(7) Affected: 6.2(5b) Affected: 7.3(0)DY(1) Affected: 6.0(2)A8(9) Affected: 6.0(2)A8(1) Affected: 7.1(5)N1(1) Affected: 7.2(1)D1(1) Affected: 6.2(15) Affected: 6.0(2)A6(6) Affected: 6.0(2)A8(10a) Affected: 7.0(3)I5(1) Affected: 9.3(1z) Affected: 9.2(2) Affected: 6.2(7) Affected: 6.2(9c) Affected: 7.0(3)F3(4) Affected: 7.3(3)N1(1) Affected: 6.2(6b) Affected: 7.0(3)I4(8b) Affected: 8.1(2a) Affected: 7.3(2)D1(3) Affected: 6.2(8) Affected: 6.0(2)A8(3) Affected: 6.2(11b) Affected: 7.0(3)I4(6t) Affected: 7.0(3)I5(3a) Affected: 8.1(1a) Affected: 6.2(13a) Affected: 6.0(2)A8(8) Affected: 7.0(3)I7(5) Affected: 7.0(3)F3(3a) Affected: 7.1(0)N1(1a) Affected: 6.0(2)A8(4) Affected: 6.0(2)A6(3a) Affected: 6.0(2)A6(5a) Affected: 7.0(3)F2(1) Affected: 7.0(3)I4(8a) Affected: 6.0(2)U6(9) Affected: 7.0(3)F3(2) Affected: 6.0(2)U6(2a) Affected: 6.2(12) Affected: 6.2(17) Affected: 7.0(3)I4(4) Affected: 6.2(23) Affected: 6.2(13b) Affected: 6.0(2)U6(3) Affected: 6.2(10) Affected: 6.2(6a) Affected: 6.2(6) Affected: 7.1(2)N1(1a) Affected: 6.2(14) Affected: 7.0(3)I7(1) Affected: 6.2(14b) Affected: 6.2(21) Affected: 7.2(2)D1(1) Affected: 7.0(3)F2(2) Affected: 7.0(3)IA7(2) Affected: 7.0(3)IA7(1) Affected: 6.0(2)A8(7b) Affected: 6.2(8a) Affected: 6.2(11c) Affected: 7.0(3)F1(1) Affected: 6.0(2)A6(1a) Affected: 7.1(0)N1(1) Affected: 7.2(0)D1(1) Affected: 6.0(2)A6(2) Affected: 7.1(4)N1(1) Affected: 6.0(2)A8(4a) Affected: 6.2(20a) Affected: 6.0(2)U6(4) Affected: 8.4(1a) Affected: 9.3(3) Affected: 7.3(2)D1(1d) Affected: 7.3(7)N1(1) Affected: 6.2(24) Affected: 6.2(31) Affected: 7.0(3)I7(8) Affected: 6.0(2)U6(10a) Affected: 7.3(7)N1(1a) Affected: 9.3(4) Affected: 7.3(6)D1(1) Affected: 6.2(26) Affected: 8.2(6) Affected: 6.2(33) Affected: 9.3(5) Affected: 8.4(2a) Affected: 8.4(2b) Affected: 7.3(8)N1(1) Affected: 7.0(3)I7(9) Affected: 7.3(7)N1(1b) Affected: 6.2(24a) Affected: 8.5(1) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 8.4(4) Affected: 7.3(7)D1(1) Affected: 8.4(2c) Affected: 9.3(5w) Affected: 8.2(7) Affected: 7.3(9)N1(1) Affected: 9.3(7) Affected: 9.3(7k) Affected: 7.0(3)I7(9w) Affected: 10.2(1) Affected: 7.3(8)N1(1a) Affected: 7.3(8)D1(1) Affected: 9.3(7a) Affected: 8.2(7a) Affected: 9.3(8) Affected: 8.4(4a) Affected: 8.4(2d) Affected: 7.3(10)N1(1) Affected: 8.4(5) Affected: 7.0(3)I7(10) Affected: 7.3(8)N1(1b) Affected: 8.2(8) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 7.3(9)D1(1) Affected: 7.3(11)N1(1) Affected: 10.2(3) Affected: 8.4(6) Affected: 8.4(2e) Affected: 9.3(10) Affected: 7.3(11)N1(1a) Affected: 10.2(2a) Affected: 7.3(12)N1(1) Affected: 9.2(1a) Affected: 8.2(9) Affected: 10.3(1) Affected: 10.2(4) Affected: 7.3(13)N1(1) Affected: 8.4(7) Affected: 10.3(2) Affected: 8.4(6a) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.4(1) Affected: 9.3(2a) Affected: 8.4(2f) Affected: 8.2(10) Affected: 9.3(12) Affected: 10.4(1) Affected: 8.4(8) Affected: 10.3(99w) Affected: 7.3(14)N1(1) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 8.4(9) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 9.4(1a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 8.2(11) Affected: 9.4(2) Affected: 10.3(5) Affected: 10.2(7) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.2(8) Affected: 10.3(3r) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(10a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(9a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(9b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(13a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(13b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(17\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(29\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(24a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(33\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I5\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I5\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(1\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(2\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(3\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(3\\)N1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(4\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(5\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(5\\)N1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(0\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(1\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(2\\)D1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(2\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(0\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(0\\)DX\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(0\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(1\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(1\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(3\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(4\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(3\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(4\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(5\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(6a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(6\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(5\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(6\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(8\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(9\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.5\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(10\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(8\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(9\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(11\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(12\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(13\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(14\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(2\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(1a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(5a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(5b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(7a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(7b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(9\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(10a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(10\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(11\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(11a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(11b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(1a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5c\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(9\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(10\\)"
},
{
"status": "affected",
"version": "6.2\\(2\\)"
},
{
"status": "affected",
"version": "6.2\\(2a\\)"
},
{
"status": "affected",
"version": "6.2\\(6\\)"
},
{
"status": "affected",
"version": "6.2\\(6b\\)"
},
{
"status": "affected",
"version": "6.2\\(8\\)"
},
{
"status": "affected",
"version": "6.2\\(8a\\)"
},
{
"status": "affected",
"version": "6.2\\(8b\\)"
},
{
"status": "affected",
"version": "6.2\\(10\\)"
},
{
"status": "affected",
"version": "6.2\\(12\\)"
},
{
"status": "affected",
"version": "6.2\\(18\\)"
},
{
"status": "affected",
"version": "6.2\\(16\\)"
},
{
"status": "affected",
"version": "6.2\\(14\\)"
},
{
"status": "affected",
"version": "6.2\\(6a\\)"
},
{
"status": "affected",
"version": "6.2\\(20\\)"
},
{
"status": "affected",
"version": "6.2\\(1\\)"
},
{
"status": "affected",
"version": "6.2\\(5b\\)"
},
{
"status": "affected",
"version": "6.2\\(9\\)"
},
{
"status": "affected",
"version": "6.2\\(9a\\)"
},
{
"status": "affected",
"version": "6.2\\(9b\\)"
},
{
"status": "affected",
"version": "6.2\\(11\\)"
},
{
"status": "affected",
"version": "6.2\\(13a\\)"
},
{
"status": "affected",
"version": "6.2\\(13b\\)"
},
{
"status": "affected",
"version": "6.2\\(17\\)"
},
{
"status": "affected",
"version": "6.2\\(20a\\)"
},
{
"status": "affected",
"version": "6.2\\(22\\)"
},
{
"status": "affected",
"version": "6.2\\(27\\)"
},
{
"status": "affected",
"version": "6.2\\(29\\)"
},
{
"status": "affected",
"version": "6.2\\(24\\)"
},
{
"status": "affected",
"version": "6.2\\(24a\\)"
},
{
"status": "affected",
"version": "6.2\\(33\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F1\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F2\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F2\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(3a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(3c\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8z\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I5\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I5\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I6\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I6\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(5a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(10\\)"
},
{
"status": "affected",
"version": "7.1\\(0\\)N1\\(1a\\)"
},
{
"status": "affected",
"version": "7.1\\(0\\)N1\\(1b\\)"
},
{
"status": "affected",
"version": "7.1\\(0\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(1\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(2\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(3\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(3\\)N1\\(2\\)"
},
{
"status": "affected",
"version": "7.1\\(4\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(5\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(5\\)N1\\(1b\\)"
},
{
"status": "affected",
"version": "7.2\\(0\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.2\\(1\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.2\\(2\\)D1\\(2\\)"
},
{
"status": "affected",
"version": "7.2\\(2\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(0\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(0\\)DX\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(0\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(1\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(1\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(2\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(3\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(3a\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(3\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "8.0\\(1\\)"
},
{
"status": "affected",
"version": "8.1\\(1\\)"
},
{
"status": "affected",
"version": "8.1\\(2\\)"
},
{
"status": "affected",
"version": "8.1\\(2a\\)"
},
{
"status": "affected",
"version": "8.1\\(1b\\)"
},
{
"status": "affected",
"version": "8.2\\(1\\)"
},
{
"status": "affected",
"version": "8.2\\(2\\)"
},
{
"status": "affected",
"version": "8.2\\(3\\)"
},
{
"status": "affected",
"version": "8.2\\(4\\)"
},
{
"status": "affected",
"version": "8.2\\(5\\)"
},
{
"status": "affected",
"version": "8.2\\(6\\)"
},
{
"status": "affected",
"version": "8.2\\(7\\)"
},
{
"status": "affected",
"version": "8.2\\(7a\\)"
},
{
"status": "affected",
"version": "8.2\\(8\\)"
},
{
"status": "affected",
"version": "8.2\\(9\\)"
},
{
"status": "affected",
"version": "8.2\\(10\\)"
},
{
"status": "affected",
"version": "8.2\\(11\\)"
},
{
"status": "affected",
"version": "8.3\\(1\\)"
},
{
"status": "affected",
"version": "8.3\\(2\\)"
},
{
"status": "affected",
"version": "9.2\\(1\\)"
},
{
"status": "affected",
"version": "9.2\\(2\\)"
},
{
"status": "affected",
"version": "9.2\\(2t\\)"
},
{
"status": "affected",
"version": "9.2\\(3\\)"
},
{
"status": "affected",
"version": "9.2\\(4\\)"
},
{
"status": "affected",
"version": "9.2\\(2v\\)"
},
{
"status": "affected",
"version": "7.3\\(4\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(3\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(4\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(5\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "8.4\\(1\\)"
},
{
"status": "affected",
"version": "8.4\\(2\\)"
},
{
"status": "affected",
"version": "8.4\\(3\\)"
},
{
"status": "affected",
"version": "8.4\\(2b\\)"
},
{
"status": "affected",
"version": "8.4\\(4\\)"
},
{
"status": "affected",
"version": "8.4\\(2c\\)"
},
{
"status": "affected",
"version": "8.4\\(4a\\)"
},
{
"status": "affected",
"version": "8.4\\(5\\)"
},
{
"status": "affected",
"version": "8.4\\(6\\)"
},
{
"status": "affected",
"version": "8.4\\(6a\\)"
},
{
"status": "affected",
"version": "8.4\\(7\\)"
},
{
"status": "affected",
"version": "8.4\\(2f\\)"
},
{
"status": "affected",
"version": "8.4\\(8\\)"
},
{
"status": "affected",
"version": "8.4\\(9\\)"
},
{
"status": "affected",
"version": "9.3\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(2\\)"
},
{
"status": "affected",
"version": "9.3\\(3\\)"
},
{
"status": "affected",
"version": "9.3\\(4\\)"
},
{
"status": "affected",
"version": "9.3\\(5\\)"
},
{
"status": "affected",
"version": "9.3\\(6\\)"
},
{
"status": "affected",
"version": "9.3\\(7\\)"
},
{
"status": "affected",
"version": "9.3\\(7a\\)"
},
{
"status": "affected",
"version": "9.3\\(8\\)"
},
{
"status": "affected",
"version": "9.3\\(9\\)"
},
{
"status": "affected",
"version": "9.3\\(10\\)"
},
{
"status": "affected",
"version": "9.3\\(11\\)"
},
{
"status": "affected",
"version": "9.3\\(2a\\)"
},
{
"status": "affected",
"version": "9.3\\(12\\)"
},
{
"status": "affected",
"version": "9.3\\(13\\)"
},
{
"status": "affected",
"version": "7.3\\(6\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(5\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)N1\\(1a\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)N1\\(1b\\)"
},
{
"status": "affected",
"version": "7.3\\(6\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(8\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(9\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "10.1\\(1\\)"
},
{
"status": "affected",
"version": "8.5\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(10\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(8\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "10.2\\(1\\)"
},
{
"status": "affected",
"version": "10.2\\(1q\\)"
},
{
"status": "affected",
"version": "10.2\\(2\\)"
},
{
"status": "affected",
"version": "10.2\\(3\\)"
},
{
"status": "affected",
"version": "10.2\\(3t\\)"
},
{
"status": "affected",
"version": "7.3\\(9\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(11\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(12\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "10.3\\(1\\)"
},
{
"status": "affected",
"version": "10.3\\(3\\)"
},
{
"status": "affected",
"version": "10.3\\(99w\\)"
},
{
"status": "affected",
"version": "10.3\\(99x\\)"
},
{
"status": "affected",
"version": "10.3\\(4a\\)"
},
{
"status": "affected",
"version": "10.3\\(5\\)"
},
{
"status": "affected",
"version": "7.3\\(13\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(14\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "10.4\\(1\\)"
},
{
"status": "affected",
"version": "10.4\\(2\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20399",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T15:08:04.278010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-20399"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T18:43:58.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"name": "CISA KEV",
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-20399"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-02T00:00:00+00:00",
"value": "CVE-2024-20399 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-nxos-cmd-injection-xD9OhyOP",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sygnia.co/threat-reports-and-advisories/china-nexus-threat-group-velvet-ant-exploits-cisco-0-day/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2(5)"
},
{
"status": "affected",
"version": "7.3(6)N1(1a)"
},
{
"status": "affected",
"version": "7.3(5)D1(1)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "7.3(6)N1(1)"
},
{
"status": "affected",
"version": "6.2(2)"
},
{
"status": "affected",
"version": "8.4(3)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(14a)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.3(4)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.1(5)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "7.3(4)D1(1)"
},
{
"status": "affected",
"version": "6.2(20)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.2(2)D1(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "7.3(5)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "7.3(2)N1(1b)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(2)D1(3a)"
},
{
"status": "affected",
"version": "7.3(1)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.1(4)N1(1a)"
},
{
"status": "affected",
"version": "7.1(3)N1(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.2(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "7.1(3)N1(2)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "7.3(4)N1(1a)"
},
{
"status": "affected",
"version": "8.1(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.3(3)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "7.1(2)N1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(3)"
},
{
"status": "affected",
"version": "8.2(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.2(18)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "7.1(3)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "6.2(22)"
},
{
"status": "affected",
"version": "7.1(1)N1(1)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.3(0)N1(1b)"
},
{
"status": "affected",
"version": "7.2(2)D1(4)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.3(0)DX(1)"
},
{
"status": "affected",
"version": "7.1(4)N1(1d)"
},
{
"status": "affected",
"version": "7.3(2)D1(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.1(1)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "7.1(3)N1(2a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "7.3(2)D1(2)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "8.0(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.1(3)N1(5)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(16)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "8.2(4)"
},
{
"status": "affected",
"version": "6.2(2a)"
},
{
"status": "affected",
"version": "7.2(2)D1(3)"
},
{
"status": "affected",
"version": "7.1(0)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.1(5)N1(1)"
},
{
"status": "affected",
"version": "7.2(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.3(3)N1(1)"
},
{
"status": "affected",
"version": "6.2(6b)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "8.1(2a)"
},
{
"status": "affected",
"version": "7.3(2)D1(3)"
},
{
"status": "affected",
"version": "6.2(8)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(12)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "6.2(10)"
},
{
"status": "affected",
"version": "6.2(6a)"
},
{
"status": "affected",
"version": "6.2(6)"
},
{
"status": "affected",
"version": "7.1(2)N1(1a)"
},
{
"status": "affected",
"version": "6.2(14)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(14b)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.2(2)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(8a)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1)"
},
{
"status": "affected",
"version": "7.2(0)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.2(20a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(2)D1(1d)"
},
{
"status": "affected",
"version": "7.3(7)N1(1)"
},
{
"status": "affected",
"version": "6.2(24)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "7.3(7)N1(1a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "7.3(6)D1(1)"
},
{
"status": "affected",
"version": "6.2(26)"
},
{
"status": "affected",
"version": "8.2(6)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.3(8)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "7.3(7)N1(1b)"
},
{
"status": "affected",
"version": "6.2(24a)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(4)"
},
{
"status": "affected",
"version": "7.3(7)D1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "8.2(7)"
},
{
"status": "affected",
"version": "7.3(9)N1(1)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)N1(1a)"
},
{
"status": "affected",
"version": "7.3(8)D1(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "8.2(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(4a)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "7.3(10)N1(1)"
},
{
"status": "affected",
"version": "8.4(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "7.3(8)N1(1b)"
},
{
"status": "affected",
"version": "8.2(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "7.3(9)D1(1)"
},
{
"status": "affected",
"version": "7.3(11)N1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "8.4(6)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "7.3(11)N1(1a)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "7.3(12)N1(1)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "8.2(9)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "7.3(13)N1(1)"
},
{
"status": "affected",
"version": "8.4(7)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "8.4(6a)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "8.2(10)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "8.4(8)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "7.3(14)N1(1)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "8.4(9)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "8.2(11)"
},
{
"status": "affected",
"version": "9.4(2)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.2(8)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.\r\nNote: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:\r\n\r\nNexus 3000 Series Switches\r\nNexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later\r\nNexus 9000 Series Switches in standalone NX-OS mode"
}
],
"exploits": [
{
"lang": "en",
"value": "In May 2024, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T18:07:44.853Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-cmd-injection-xD9OhyOP",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP"
}
],
"source": {
"advisory": "cisco-sa-nxos-cmd-injection-xD9OhyOP",
"defects": [
"CSCwj94682"
],
"discovery": "EXTERNAL"
},
"title": "Cisco NX-OS Software CLI Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20399",
"datePublished": "2024-07-01T16:11:44.028Z",
"dateReserved": "2023-11-08T15:08:07.660Z",
"dateUpdated": "2025-10-21T18:43:58.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0090 (GCVE-0-2018-0090)
Vulnerability from – Published: 2018-01-18 06:00 – Updated: 2024-12-02 21:45
VLAI?
Summary
A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for processing, leading to high CPU utilization and a denial of service (DoS) condition. The vulnerability is due to a bad code fix in the 7.3.2 code train that could allow traffic to the management interface to be misclassified and not match the proper configured ACLs. An attacker could exploit this vulnerability by sending crafted traffic to the management interface. An exploit could allow the attacker to bypass the configured management interface ACLs and impact the CPU of the targeted device, resulting in a DoS condition. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvf31132.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco NX-OS |
Affected:
Cisco NX-OS
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102753",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102753"
},
{
"name": "1040247",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040247"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0090",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:11:50.929364Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:45:38.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS"
}
]
}
],
"datePublic": "2018-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for processing, leading to high CPU utilization and a denial of service (DoS) condition. The vulnerability is due to a bad code fix in the 7.3.2 code train that could allow traffic to the management interface to be misclassified and not match the proper configured ACLs. An attacker could exploit this vulnerability by sending crafted traffic to the management interface. An exploit could allow the attacker to bypass the configured management interface ACLs and impact the CPU of the targeted device, resulting in a DoS condition. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvf31132."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-23T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "102753",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102753"
},
{
"name": "1040247",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040247"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for processing, leading to high CPU utilization and a denial of service (DoS) condition. The vulnerability is due to a bad code fix in the 7.3.2 code train that could allow traffic to the management interface to be misclassified and not match the proper configured ACLs. An attacker could exploit this vulnerability by sending crafted traffic to the management interface. An exploit could allow the attacker to bypass the configured management interface ACLs and impact the CPU of the targeted device, resulting in a DoS condition. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvf31132."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102753"
},
{
"name": "1040247",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040247"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0090",
"datePublished": "2018-01-18T06:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-12-02T21:45:38.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0092 (GCVE-0-2018-0092)
Vulnerability from – Published: 2018-01-18 06:00 – Updated: 2024-12-02 21:45
VLAI?
Summary
A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-operator role should not be able to delete other configured users on the device. The vulnerability is due to a lack of proper role-based access control (RBAC) checks for the actions that a user with the network-operator role is allowed to perform. An attacker could exploit this vulnerability by authenticating to the device with user credentials that give that user the network-operator role. Successful exploitation could allow the attacker to impact the integrity of the device by deleting configured user credentials. The attacker would need valid user credentials for the device. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Nexus 3000 Series Switches, Nexus 3600 Platform Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvg21120.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco NX-OS |
Affected:
Cisco NX-OS
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040248"
},
{
"name": "102750",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102750"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T18:55:45.277155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:45:07.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS"
}
]
}
],
"datePublic": "2018-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-operator role should not be able to delete other configured users on the device. The vulnerability is due to a lack of proper role-based access control (RBAC) checks for the actions that a user with the network-operator role is allowed to perform. An attacker could exploit this vulnerability by authenticating to the device with user credentials that give that user the network-operator role. Successful exploitation could allow the attacker to impact the integrity of the device by deleting configured user credentials. The attacker would need valid user credentials for the device. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Nexus 3000 Series Switches, Nexus 3600 Platform Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvg21120."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-23T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1040248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040248"
},
{
"name": "102750",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102750"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-operator role should not be able to delete other configured users on the device. The vulnerability is due to a lack of proper role-based access control (RBAC) checks for the actions that a user with the network-operator role is allowed to perform. An attacker could exploit this vulnerability by authenticating to the device with user credentials that give that user the network-operator role. Successful exploitation could allow the attacker to impact the integrity of the device by deleting configured user credentials. The attacker would need valid user credentials for the device. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Nexus 3000 Series Switches, Nexus 3600 Platform Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvg21120."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040248",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040248"
},
{
"name": "102750",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102750"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos1",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0092",
"datePublished": "2018-01-18T06:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-12-02T21:45:07.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0102 (GCVE-0-2018-0102)
Vulnerability from – Published: 2018-01-18 06:00 – Updated: 2024-12-02 21:43
VLAI?
Summary
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software attempts to free the same area of memory twice. An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port. An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload. This vulnerability affects the following products when running Cisco NX-OS Software Release 7.2(1)D(1), 7.2(2)D1(1), or 7.2(2)D1(2) with both the Pong and FabricPath features enabled and the FabricPath port is actively monitored via a SPAN session: Cisco Nexus 7000 Series Switches and Cisco Nexus 7700 Series Switches. Cisco Bug IDs: CSCuv98660.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco NX-OS |
Affected:
Cisco NX-OS
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040219",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040219"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os"
},
{
"name": "102728",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102728"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0102",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T18:55:36.817494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:43:20.440Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS"
}
]
}
],
"datePublic": "2018-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software attempts to free the same area of memory twice. An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port. An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload. This vulnerability affects the following products when running Cisco NX-OS Software Release 7.2(1)D(1), 7.2(2)D1(1), or 7.2(2)D1(2) with both the Pong and FabricPath features enabled and the FabricPath port is actively monitored via a SPAN session: Cisco Nexus 7000 Series Switches and Cisco Nexus 7700 Series Switches. Cisco Bug IDs: CSCuv98660."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-19T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1040219",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040219"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os"
},
{
"name": "102728",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102728"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software attempts to free the same area of memory twice. An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port. An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload. This vulnerability affects the following products when running Cisco NX-OS Software Release 7.2(1)D(1), 7.2(2)D1(1), or 7.2(2)D1(2) with both the Pong and FabricPath features enabled and the FabricPath port is actively monitored via a SPAN session: Cisco Nexus 7000 Series Switches and Cisco Nexus 7700 Series Switches. Cisco Bug IDs: CSCuv98660."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040219",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040219"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os"
},
{
"name": "102728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102728"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0102",
"datePublished": "2018-01-18T06:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-12-02T21:43:20.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0291 (GCVE-0-2018-0291)
Vulnerability from – Published: 2018-06-20 21:00 – Updated: 2024-11-29 15:02
VLAI?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco NX-OS unknown |
Affected:
Cisco NX-OS unknown
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0291",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:37:39.607604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:46.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0291",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:46.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0292 (GCVE-0-2018-0292)
Vulnerability from – Published: 2018-06-20 21:00 – Updated: 2024-11-29 15:02
VLAI?
Summary
A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco NX-OS unknown |
Affected:
Cisco NX-OS unknown
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0292",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:22.336104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:37.165Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0292",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:37.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0293 (GCVE-0-2018-0293)
Vulnerability from – Published: 2018-06-20 21:00 – Updated: 2024-11-29 15:02
VLAI?
Summary
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco NX-OS unknown |
Affected:
Cisco NX-OS unknown
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104520",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104520"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0293",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:16.060197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:28.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "104520",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104520"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104520"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0293",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:28.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0294 (GCVE-0-2018-0294)
Vulnerability from – Published: 2018-06-20 21:00 – Updated: 2024-11-29 15:02
VLAI?
Summary
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Affected:
Cisco FXOS and NX-OS unknown
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0294",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:14.413008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:18.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco FXOS and NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco FXOS and NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco FXOS and NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco FXOS and NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0294",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:18.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
displaying 1 - 10 organizations in total 276