All the vulnerabilites related to cisco - nexus_9372px
cve-2019-1592
Vulnerability from cvelistv5
Published
2019-05-03 14:50
Modified
2024-11-20 17:24
Severity ?
EPSS score ?
Summary
A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. An attacker could exploit this vulnerability by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-hw-clock-util | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b |
Version: unspecified < 14.1(1i) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-hw-clock-util"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1592",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:55:20.629823Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:24:12.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b",
"vendor": "Cisco",
"versions": [
{
"lessThan": "14.1(1i)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. An attacker could exploit this vulnerability by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-03T14:50:17",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-hw-clock-util"
}
],
"source": {
"advisory": "cisco-sa-20190501-aci-hw-clock-util",
"defect": [
[
"CSCvm64104"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-01T16:00:00-0700",
"ID": "CVE-2019-1592",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "14.1(1i)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. An attacker could exploit this vulnerability by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-hw-clock-util"
}
]
},
"source": {
"advisory": "cisco-sa-20190501-aci-hw-clock-util",
"defect": [
[
"CSCvm64104"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1592",
"datePublished": "2019-05-03T14:50:17.826817Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:24:12.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1228
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:39
Severity ?
EPSS score ?
Summary
A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode 11.0(1b) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:48:47.081781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:39:43.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode 11.0(1b)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:26",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w"
}
],
"source": {
"advisory": "cisco-sa-n9kaci-unauth-access-5PWzDx2w",
"defect": [
[
"CSCvu84576"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1228",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode 11.0(1b)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w"
}
]
},
"source": {
"advisory": "cisco-sa-n9kaci-unauth-access-5PWzDx2w",
"defect": [
[
"CSCvu84576"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1228",
"datePublished": "2021-02-24T19:30:26.525098Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:39:43.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0307
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:01
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker, authenticated as a privileged user, to execute arbitrary commands with root privileges. Note: On products that support multiple virtual device contexts (VDC), this vulnerability could allow an attacker to access files from any VDC. This vulnerability affects Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51704, CSCve91749, CSCve91768.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:13.172512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:01:26.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker, authenticated as a privileged user, to execute arbitrary commands with root privileges. Note: On products that support multiple virtual device contexts (VDC), this vulnerability could allow an attacker to access files from any VDC. This vulnerability affects Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51704, CSCve91749, CSCve91768."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker, authenticated as a privileged user, to execute arbitrary commands with root privileges. Note: On products that support multiple virtual device contexts (VDC), this vulnerability could allow an attacker to access files from any VDC. This vulnerability affects Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51704, CSCve91749, CSCve91768."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0307",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:01:26.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1302
Vulnerability from cvelistv5
Published
2016-02-07 11:00
Modified
2024-08-05 22:48
Severity ?
EPSS score ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1034925 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160203 Cisco Application Policy Infrastructure Controller Access Control Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic"
},
{
"name": "1034925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034925"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160203 Cisco Application Policy Infrastructure Controller Access Control Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic"
},
{
"name": "1034925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034925"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160203 Cisco Application Policy Infrastructure Controller Access Control Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic"
},
{
"name": "1034925",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034925"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1302",
"datePublished": "2016-02-07T11:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0372
Vulnerability from cvelistv5
Published
2018-07-18 23:00
Modified
2024-11-29 14:51
Severity ?
EPSS score ?
Summary
A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041348 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Nexus 9000 Series unknown |
Version: Cisco Nexus 9000 Series unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos"
},
{
"name": "1041348",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041348"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0372",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:43:28.172693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:51:47.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Nexus 9000 Series unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Nexus 9000 Series unknown"
}
]
}
],
"datePublic": "2018-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos"
},
{
"name": "1041348",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Nexus 9000 Series unknown",
"version": {
"version_data": [
{
"version_value": "Cisco Nexus 9000 Series unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos"
},
{
"name": "1041348",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0372",
"datePublished": "2018-07-18T23:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:51:47.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6392
Vulnerability from cvelistv5
Published
2016-10-06 01:00
Modified
2024-08-06 07:22
Severity ?
EPSS score ?
Summary
Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93406 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1036948 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:22:21.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93406"
},
{
"name": "20161005 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1"
},
{
"name": "1036948",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "93406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93406"
},
{
"name": "20161005 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1"
},
{
"name": "1036948",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036948"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93406"
},
{
"name": "20161005 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1"
},
{
"name": "1036948",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036948"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6392",
"datePublished": "2016-10-06T01:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:22:21.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20399
Vulnerability from cvelistv5
Published
2024-07-01 16:11
Modified
2024-09-17 18:07
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.
Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:
Nexus 3000 Series Switches
Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later
Nexus 9000 Series Switches in standalone NX-OS mode
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: 8.2(5) Version: 7.3(6)N1(1a) Version: 7.3(5)D1(1) Version: 8.4(2) Version: 7.3(6)N1(1) Version: 6.2(2) Version: 8.4(3) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 6.2(14a) Version: 7.0(3)I4(6) Version: 7.3(4)N1(1) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.1(5)N1(1b) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.1(4)N1(1c) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 7.3(4)D1(1) Version: 6.2(20) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.3(0)N1(1) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 8.1(1) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.2(2)D1(2) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 8.2(2) Version: 6.0(2)U6(1) Version: 7.3(2)N1(1c) Version: 7.0(3)I5(3b) Version: 8.3(2) Version: 7.3(5)N1(1) Version: 6.0(2)A6(2a) Version: 7.3(2)N1(1b) Version: 6.2(27) Version: 7.3(2)D1(3a) Version: 7.3(1)N1(1) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.1(4)N1(1a) Version: 7.1(3)N1(4) Version: 7.0(3)IM3(2a) Version: 6.2(8b) Version: 6.0(2)A8(10) Version: 7.1(3)N1(2) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 7.3(4)N1(1a) Version: 8.1(2) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.3(3)D1(1) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 7.1(2)N1(1) Version: 7.1(3)N1(3) Version: 8.2(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.2(18) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 7.1(3)N1(1) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 6.2(22) Version: 7.1(1)N1(1) Version: 8.4(1) Version: 8.1(1b) Version: 7.3(0)N1(1b) Version: 7.2(2)D1(4) Version: 6.0(2)A8(5) Version: 7.3(0)DX(1) Version: 7.1(4)N1(1d) Version: 7.3(2)D1(1) Version: 7.3(2)N1(1) Version: 6.0(2)U6(8) Version: 7.1(1)N1(1a) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 7.1(3)N1(2a) Version: 7.3(0)N1(1a) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 7.3(2)D1(2) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 8.0(1) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.1(3)N1(5) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(16) Version: 6.2(19) Version: 8.2(4) Version: 6.2(2a) Version: 7.2(2)D1(3) Version: 7.1(0)N1(1b) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.1(5)N1(1) Version: 7.2(1)D1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 7.3(3)N1(1) Version: 6.2(6b) Version: 7.0(3)I4(8b) Version: 8.1(2a) Version: 7.3(2)D1(3) Version: 6.2(8) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 7.1(0)N1(1a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(12) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 6.2(10) Version: 6.2(6a) Version: 6.2(6) Version: 7.1(2)N1(1a) Version: 6.2(14) Version: 7.0(3)I7(1) Version: 6.2(14b) Version: 6.2(21) Version: 7.2(2)D1(1) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(8a) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.1(0)N1(1) Version: 7.2(0)D1(1) Version: 6.0(2)A6(2) Version: 7.1(4)N1(1) Version: 6.0(2)A8(4a) Version: 6.2(20a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(2)D1(1d) Version: 7.3(7)N1(1) Version: 6.2(24) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 7.3(7)N1(1a) Version: 9.3(4) Version: 7.3(6)D1(1) Version: 6.2(26) Version: 8.2(6) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.3(8)N1(1) Version: 7.0(3)I7(9) Version: 7.3(7)N1(1b) Version: 6.2(24a) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(4) Version: 7.3(7)D1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 8.2(7) Version: 7.3(9)N1(1) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)N1(1a) Version: 7.3(8)D1(1) Version: 9.3(7a) Version: 8.2(7a) Version: 9.3(8) Version: 8.4(4a) Version: 8.4(2d) Version: 7.3(10)N1(1) Version: 8.4(5) Version: 7.0(3)I7(10) Version: 7.3(8)N1(1b) Version: 8.2(8) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 7.3(9)D1(1) Version: 7.3(11)N1(1) Version: 10.2(3) Version: 8.4(6) Version: 8.4(2e) Version: 9.3(10) Version: 7.3(11)N1(1a) Version: 10.2(2a) Version: 7.3(12)N1(1) Version: 9.2(1a) Version: 8.2(9) Version: 10.3(1) Version: 10.2(4) Version: 7.3(13)N1(1) Version: 8.4(7) Version: 10.3(2) Version: 8.4(6a) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 8.2(10) Version: 9.3(12) Version: 10.4(1) Version: 8.4(8) Version: 10.3(99w) Version: 7.3(14)N1(1) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 8.4(9) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 8.2(11) Version: 9.4(2) Version: 10.3(5) Version: 10.2(7) Version: 10.3(3x) Version: 10.3(4g) Version: 10.2(8) Version: 10.3(3r) |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(10a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(9a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(9b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(13a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(13b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(17\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(29\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(24a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.2\\(33\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I5\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I5\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(1\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(2\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(3\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(3\\)N1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(4\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(5\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.1\\(5\\)N1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(0\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(1\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(2\\)D1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.2\\(2\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(0\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(0\\)DX\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(0\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(1\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(1\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(2\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(3\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.2\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(4\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(3\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(4\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(5\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(6a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.4\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(6\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(5\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(6\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(8\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(7\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(9\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:8.5\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(10\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(8\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(9\\)D1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(11\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(12\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(13\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.3\\(14\\)N1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(2\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(1a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(5a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(5b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A6\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(7a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(7b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(9\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(10a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(10\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(11\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(11a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)A8\\(11b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(1a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(5c\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(9\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)U6\\(10\\)"
},
{
"status": "affected",
"version": "6.2\\(2\\)"
},
{
"status": "affected",
"version": "6.2\\(2a\\)"
},
{
"status": "affected",
"version": "6.2\\(6\\)"
},
{
"status": "affected",
"version": "6.2\\(6b\\)"
},
{
"status": "affected",
"version": "6.2\\(8\\)"
},
{
"status": "affected",
"version": "6.2\\(8a\\)"
},
{
"status": "affected",
"version": "6.2\\(8b\\)"
},
{
"status": "affected",
"version": "6.2\\(10\\)"
},
{
"status": "affected",
"version": "6.2\\(12\\)"
},
{
"status": "affected",
"version": "6.2\\(18\\)"
},
{
"status": "affected",
"version": "6.2\\(16\\)"
},
{
"status": "affected",
"version": "6.2\\(14\\)"
},
{
"status": "affected",
"version": "6.2\\(6a\\)"
},
{
"status": "affected",
"version": "6.2\\(20\\)"
},
{
"status": "affected",
"version": "6.2\\(1\\)"
},
{
"status": "affected",
"version": "6.2\\(5b\\)"
},
{
"status": "affected",
"version": "6.2\\(9\\)"
},
{
"status": "affected",
"version": "6.2\\(9a\\)"
},
{
"status": "affected",
"version": "6.2\\(9b\\)"
},
{
"status": "affected",
"version": "6.2\\(11\\)"
},
{
"status": "affected",
"version": "6.2\\(13a\\)"
},
{
"status": "affected",
"version": "6.2\\(13b\\)"
},
{
"status": "affected",
"version": "6.2\\(17\\)"
},
{
"status": "affected",
"version": "6.2\\(20a\\)"
},
{
"status": "affected",
"version": "6.2\\(22\\)"
},
{
"status": "affected",
"version": "6.2\\(27\\)"
},
{
"status": "affected",
"version": "6.2\\(29\\)"
},
{
"status": "affected",
"version": "6.2\\(24\\)"
},
{
"status": "affected",
"version": "6.2\\(24a\\)"
},
{
"status": "affected",
"version": "6.2\\(33\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F1\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F2\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F2\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(3a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(3c\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)F3\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(8z\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I4\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I5\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I5\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I6\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I6\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(5a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)I7\\(10\\)"
},
{
"status": "affected",
"version": "7.1\\(0\\)N1\\(1a\\)"
},
{
"status": "affected",
"version": "7.1\\(0\\)N1\\(1b\\)"
},
{
"status": "affected",
"version": "7.1\\(0\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(1\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(2\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(3\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(3\\)N1\\(2\\)"
},
{
"status": "affected",
"version": "7.1\\(4\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(5\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.1\\(5\\)N1\\(1b\\)"
},
{
"status": "affected",
"version": "7.2\\(0\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.2\\(1\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.2\\(2\\)D1\\(2\\)"
},
{
"status": "affected",
"version": "7.2\\(2\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(0\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(0\\)DX\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(0\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(1\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(1\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(2\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(3\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)D1\\(3a\\)"
},
{
"status": "affected",
"version": "7.3\\(2\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(3\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "8.0\\(1\\)"
},
{
"status": "affected",
"version": "8.1\\(1\\)"
},
{
"status": "affected",
"version": "8.1\\(2\\)"
},
{
"status": "affected",
"version": "8.1\\(2a\\)"
},
{
"status": "affected",
"version": "8.1\\(1b\\)"
},
{
"status": "affected",
"version": "8.2\\(1\\)"
},
{
"status": "affected",
"version": "8.2\\(2\\)"
},
{
"status": "affected",
"version": "8.2\\(3\\)"
},
{
"status": "affected",
"version": "8.2\\(4\\)"
},
{
"status": "affected",
"version": "8.2\\(5\\)"
},
{
"status": "affected",
"version": "8.2\\(6\\)"
},
{
"status": "affected",
"version": "8.2\\(7\\)"
},
{
"status": "affected",
"version": "8.2\\(7a\\)"
},
{
"status": "affected",
"version": "8.2\\(8\\)"
},
{
"status": "affected",
"version": "8.2\\(9\\)"
},
{
"status": "affected",
"version": "8.2\\(10\\)"
},
{
"status": "affected",
"version": "8.2\\(11\\)"
},
{
"status": "affected",
"version": "8.3\\(1\\)"
},
{
"status": "affected",
"version": "8.3\\(2\\)"
},
{
"status": "affected",
"version": "9.2\\(1\\)"
},
{
"status": "affected",
"version": "9.2\\(2\\)"
},
{
"status": "affected",
"version": "9.2\\(2t\\)"
},
{
"status": "affected",
"version": "9.2\\(3\\)"
},
{
"status": "affected",
"version": "9.2\\(4\\)"
},
{
"status": "affected",
"version": "9.2\\(2v\\)"
},
{
"status": "affected",
"version": "7.3\\(4\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(3\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(4\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(5\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "8.4\\(1\\)"
},
{
"status": "affected",
"version": "8.4\\(2\\)"
},
{
"status": "affected",
"version": "8.4\\(3\\)"
},
{
"status": "affected",
"version": "8.4\\(2b\\)"
},
{
"status": "affected",
"version": "8.4\\(4\\)"
},
{
"status": "affected",
"version": "8.4\\(2c\\)"
},
{
"status": "affected",
"version": "8.4\\(4a\\)"
},
{
"status": "affected",
"version": "8.4\\(5\\)"
},
{
"status": "affected",
"version": "8.4\\(6\\)"
},
{
"status": "affected",
"version": "8.4\\(6a\\)"
},
{
"status": "affected",
"version": "8.4\\(7\\)"
},
{
"status": "affected",
"version": "8.4\\(2f\\)"
},
{
"status": "affected",
"version": "8.4\\(8\\)"
},
{
"status": "affected",
"version": "8.4\\(9\\)"
},
{
"status": "affected",
"version": "9.3\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(2\\)"
},
{
"status": "affected",
"version": "9.3\\(3\\)"
},
{
"status": "affected",
"version": "9.3\\(4\\)"
},
{
"status": "affected",
"version": "9.3\\(5\\)"
},
{
"status": "affected",
"version": "9.3\\(6\\)"
},
{
"status": "affected",
"version": "9.3\\(7\\)"
},
{
"status": "affected",
"version": "9.3\\(7a\\)"
},
{
"status": "affected",
"version": "9.3\\(8\\)"
},
{
"status": "affected",
"version": "9.3\\(9\\)"
},
{
"status": "affected",
"version": "9.3\\(10\\)"
},
{
"status": "affected",
"version": "9.3\\(11\\)"
},
{
"status": "affected",
"version": "9.3\\(2a\\)"
},
{
"status": "affected",
"version": "9.3\\(12\\)"
},
{
"status": "affected",
"version": "9.3\\(13\\)"
},
{
"status": "affected",
"version": "7.3\\(6\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(5\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)N1\\(1a\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)N1\\(1b\\)"
},
{
"status": "affected",
"version": "7.3\\(6\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(8\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(7\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(9\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "10.1\\(1\\)"
},
{
"status": "affected",
"version": "8.5\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(10\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(8\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "10.2\\(1\\)"
},
{
"status": "affected",
"version": "10.2\\(1q\\)"
},
{
"status": "affected",
"version": "10.2\\(2\\)"
},
{
"status": "affected",
"version": "10.2\\(3\\)"
},
{
"status": "affected",
"version": "10.2\\(3t\\)"
},
{
"status": "affected",
"version": "7.3\\(9\\)D1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(11\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(12\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "10.3\\(1\\)"
},
{
"status": "affected",
"version": "10.3\\(3\\)"
},
{
"status": "affected",
"version": "10.3\\(99w\\)"
},
{
"status": "affected",
"version": "10.3\\(99x\\)"
},
{
"status": "affected",
"version": "10.3\\(4a\\)"
},
{
"status": "affected",
"version": "10.3\\(5\\)"
},
{
"status": "affected",
"version": "7.3\\(13\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "7.3\\(14\\)N1\\(1\\)"
},
{
"status": "affected",
"version": "10.4\\(1\\)"
},
{
"status": "affected",
"version": "10.4\\(2\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20399",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T15:08:04.278010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-02",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T20:40:44.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-nxos-cmd-injection-xD9OhyOP",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sygnia.co/threat-reports-and-advisories/china-nexus-threat-group-velvet-ant-exploits-cisco-0-day/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2(5)"
},
{
"status": "affected",
"version": "7.3(6)N1(1a)"
},
{
"status": "affected",
"version": "7.3(5)D1(1)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "7.3(6)N1(1)"
},
{
"status": "affected",
"version": "6.2(2)"
},
{
"status": "affected",
"version": "8.4(3)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(14a)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.3(4)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.1(5)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "7.3(4)D1(1)"
},
{
"status": "affected",
"version": "6.2(20)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.2(2)D1(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "7.3(5)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "7.3(2)N1(1b)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(2)D1(3a)"
},
{
"status": "affected",
"version": "7.3(1)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.1(4)N1(1a)"
},
{
"status": "affected",
"version": "7.1(3)N1(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.2(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "7.1(3)N1(2)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "7.3(4)N1(1a)"
},
{
"status": "affected",
"version": "8.1(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.3(3)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "7.1(2)N1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(3)"
},
{
"status": "affected",
"version": "8.2(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.2(18)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "7.1(3)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "6.2(22)"
},
{
"status": "affected",
"version": "7.1(1)N1(1)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.3(0)N1(1b)"
},
{
"status": "affected",
"version": "7.2(2)D1(4)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.3(0)DX(1)"
},
{
"status": "affected",
"version": "7.1(4)N1(1d)"
},
{
"status": "affected",
"version": "7.3(2)D1(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.1(1)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "7.1(3)N1(2a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "7.3(2)D1(2)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "8.0(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.1(3)N1(5)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(16)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "8.2(4)"
},
{
"status": "affected",
"version": "6.2(2a)"
},
{
"status": "affected",
"version": "7.2(2)D1(3)"
},
{
"status": "affected",
"version": "7.1(0)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.1(5)N1(1)"
},
{
"status": "affected",
"version": "7.2(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.3(3)N1(1)"
},
{
"status": "affected",
"version": "6.2(6b)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "8.1(2a)"
},
{
"status": "affected",
"version": "7.3(2)D1(3)"
},
{
"status": "affected",
"version": "6.2(8)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(12)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "6.2(10)"
},
{
"status": "affected",
"version": "6.2(6a)"
},
{
"status": "affected",
"version": "6.2(6)"
},
{
"status": "affected",
"version": "7.1(2)N1(1a)"
},
{
"status": "affected",
"version": "6.2(14)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(14b)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.2(2)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(8a)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1)"
},
{
"status": "affected",
"version": "7.2(0)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.2(20a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(2)D1(1d)"
},
{
"status": "affected",
"version": "7.3(7)N1(1)"
},
{
"status": "affected",
"version": "6.2(24)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "7.3(7)N1(1a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "7.3(6)D1(1)"
},
{
"status": "affected",
"version": "6.2(26)"
},
{
"status": "affected",
"version": "8.2(6)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.3(8)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "7.3(7)N1(1b)"
},
{
"status": "affected",
"version": "6.2(24a)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(4)"
},
{
"status": "affected",
"version": "7.3(7)D1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "8.2(7)"
},
{
"status": "affected",
"version": "7.3(9)N1(1)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)N1(1a)"
},
{
"status": "affected",
"version": "7.3(8)D1(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "8.2(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(4a)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "7.3(10)N1(1)"
},
{
"status": "affected",
"version": "8.4(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "7.3(8)N1(1b)"
},
{
"status": "affected",
"version": "8.2(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "7.3(9)D1(1)"
},
{
"status": "affected",
"version": "7.3(11)N1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "8.4(6)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "7.3(11)N1(1a)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "7.3(12)N1(1)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "8.2(9)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "7.3(13)N1(1)"
},
{
"status": "affected",
"version": "8.4(7)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "8.4(6a)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "8.2(10)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "8.4(8)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "7.3(14)N1(1)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "8.4(9)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "8.2(11)"
},
{
"status": "affected",
"version": "9.4(2)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.2(8)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.\r\nNote: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:\r\n\r\nNexus 3000 Series Switches\r\nNexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later\r\nNexus 9000 Series Switches in standalone NX-OS mode"
}
],
"exploits": [
{
"lang": "en",
"value": "In May 2024, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T18:07:44.853Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-cmd-injection-xD9OhyOP",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP"
}
],
"source": {
"advisory": "cisco-sa-nxos-cmd-injection-xD9OhyOP",
"defects": [
"CSCwj94682"
],
"discovery": "EXTERNAL"
},
"title": "Cisco NX-OS Software CLI Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20399",
"datePublished": "2024-07-01T16:11:44.028Z",
"dateReserved": "2023-11-08T15:08:07.660Z",
"dateUpdated": "2024-09-17T18:07:44.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1782
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"name": "108407",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108407"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:46.135024Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:20:56.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-22T13:06:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"name": "108407",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108407"
}
],
"source": {
"advisory": "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782",
"defect": [
[
"CSCvh20027",
"CSCvh20389",
"CSCvi01445",
"CSCvi01448",
"CSCvi91985",
"CSCvi92126",
"CSCvi92128",
"CSCvi92129",
"CSCvi92130",
"CSCvi96522",
"CSCvi96524",
"CSCvi96525",
"CSCvi96526",
"CSCvi96527"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1782",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"name": "108407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108407"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782",
"defect": [
[
"CSCvh20027",
"CSCvh20389",
"CSCvi01445",
"CSCvi01448",
"CSCvi91985",
"CSCvi92126",
"CSCvi92128",
"CSCvi92129",
"CSCvi92130",
"CSCvi96522",
"CSCvi96524",
"CSCvi96525",
"CSCvi96526",
"CSCvi96527"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1782",
"datePublished": "2019-05-15T19:45:19.350442Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:20:56.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1901
Vulnerability from cvelistv5
Published
2019-07-31 17:25
Modified
2024-11-20 17:15
Severity ?
EPSS score ?
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software |
Version: unspecified < 13.2(7f) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:52.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190731 Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:53:43.930114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:15:07.100Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "13.2(7f)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-31T17:25:12",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190731 Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo"
}
],
"source": {
"advisory": "cisco-sa-20190731-nxos-bo",
"defect": [
[
"CSCvp92121"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-07-31T16:00:00-0700",
"ID": "CVE-2019-1901",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "13.2(7f)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190731 Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo"
}
]
},
"source": {
"advisory": "cisco-sa-20190731-nxos-bo",
"defect": [
[
"CSCvp92121"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1901",
"datePublished": "2019-07-31T17:25:12.879538Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:15:07.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1734
Vulnerability from cvelistv5
Published
2019-11-05 19:15
Modified
2024-11-21 19:06
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 6.2(7) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:55:53.041640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:06:05.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.2(7)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T19:15:35",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-fxos-info",
"defect": [
[
"CSCvj59436",
"CSCvk50808",
"CSCvk50810",
"CSCvk50814",
"CSCvk50816",
"CSCvk50838"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1734",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.2(7)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-fxos-info",
"defect": [
[
"CSCvj59436",
"CSCvk50808",
"CSCvk50810",
"CSCvk50814",
"CSCvk50816",
"CSCvk50838"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1734",
"datePublished": "2019-11-05T19:15:35.896970Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:06:05.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1368
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:37
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:20:53.434491Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:37:56.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:49",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35"
}
],
"source": {
"advisory": "cisco-sa-nxos-udld-rce-xetH6w35",
"defect": [
[
"CSCvv78238",
"CSCvv96088",
"CSCvv96090",
"CSCvv96092",
"CSCvv96107",
"CSCvw38964",
"CSCvw38981",
"CSCvw38982",
"CSCvw38983",
"CSCvw38984",
"CSCvw38995",
"CSCvw45654"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1368",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-udld-rce-xetH6w35",
"defect": [
[
"CSCvv78238",
"CSCvv96088",
"CSCvv96090",
"CSCvv96092",
"CSCvv96107",
"CSCvw38964",
"CSCvw38981",
"CSCvw38982",
"CSCvw38983",
"CSCvw38984",
"CSCvw38995",
"CSCvw45654"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1368",
"datePublished": "2021-02-24T19:30:49.775173Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:37:56.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1454
Vulnerability from cvelistv5
Published
2016-10-06 10:00
Modified
2024-08-05 22:55
Severity ?
EPSS score ?
Summary
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1036950 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/93417 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20161005 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp"
},
{
"name": "1036950",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036950"
},
{
"name": "93417",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93417"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20161005 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp"
},
{
"name": "1036950",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036950"
},
{
"name": "93417",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93417"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20161005 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp"
},
{
"name": "1036950",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036950"
},
{
"name": "93417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93417"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1454",
"datePublished": "2016-10-06T10:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0309
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:58
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Nexus 3000 and 9000 unknown |
Version: Cisco Nexus 3000 and 9000 unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:37:36.811267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:58:01.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Nexus 3000 and 9000 unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Nexus 3000 and 9000 unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Nexus 3000 and 9000 unknown",
"version": {
"version_data": [
{
"version_value": "Cisco Nexus 3000 and 9000 unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0309",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:58:01.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20824
Vulnerability from cvelistv5
Published
2022-08-25 18:40
Modified
2024-11-06 16:07
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9 | vendor-advisory, x_refsource_CISCO | |
| https://security.netapp.com/advisory/ntap-20220923-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220824 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220923-0001/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:00:02.441929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:07:28.736Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T14:06:17",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220824 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220923-0001/"
}
],
"source": {
"advisory": "cisco-sa-nxos-cdp-dos-ce-wWvPucC9",
"defect": [
[
"CSCwb70210",
"CSCwb74493",
"CSCwb74494",
"CSCwb74495",
"CSCwb74496",
"CSCwb74497",
"CSCwb74498",
"CSCwb74513"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-08-24T23:00:00",
"ID": "CVE-2022-20824",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220824 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220923-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220923-0001/"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-cdp-dos-ce-wWvPucC9",
"defect": [
[
"CSCwb70210",
"CSCwb74493",
"CSCwb74494",
"CSCwb74495",
"CSCwb74496",
"CSCwb74497",
"CSCwb74498",
"CSCwb74513"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20824",
"datePublished": "2022-08-25T18:40:48.962538Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:07:28.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1589
Vulnerability from cvelistv5
Published
2019-05-03 14:50
Modified
2024-11-21 19:36
Severity ?
EPSS score ?
Summary
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108175 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
Version: 8.3(0)SK(0.39) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot"
},
{
"name": "108175",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108175"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:05.283099Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:36:09.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.3(0)SK(0.39)"
}
]
}
],
"datePublic": "2019-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-07T14:06:08",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot"
},
{
"name": "108175",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108175"
}
],
"source": {
"advisory": "cisco-sa-20190501-aci-unmeasured-boot",
"defect": [
[
"CSCvn09807"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric\u00a0Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-01T16:00:00-0700",
"ID": "CVE-2019-1589",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric\u00a0Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"version": {
"version_data": [
{
"version_value": "8.3(0)SK(0.39)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.2",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot"
},
{
"name": "108175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108175"
}
]
},
"source": {
"advisory": "cisco-sa-20190501-aci-unmeasured-boot",
"defect": [
[
"CSCvn09807"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1589",
"datePublished": "2019-05-03T14:50:32.395599Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:36:09.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1586
Vulnerability from cvelistv5
Published
2021-08-25 19:10
Modified
2024-11-07 22:02
Severity ?
EPSS score ?
Summary
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:54:28.309256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:02:32.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:10:59",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"
}
],
"source": {
"advisory": "cisco-sa-n9kaci-tcp-dos-YXukt6gM",
"defect": [
[
"CSCvw87983"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1586",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"
}
]
},
"source": {
"advisory": "cisco-sa-n9kaci-tcp-dos-YXukt6gM",
"defect": [
[
"CSCvw87983"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1586",
"datePublished": "2021-08-25T19:10:59.639835Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:02:32.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1803
Vulnerability from cvelistv5
Published
2019-05-03 16:20
Modified
2024-11-20 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
Version: unspecified < 14.1(1i) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:55:15.565626Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:23:36.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "14.1(1i)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-03T16:20:16",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe"
}
],
"source": {
"advisory": "cisco-sa-20190501-nexus9k-rpe",
"defect": [
[
"CSCvo72253"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-01T16:00:00-0700",
"ID": "CVE-2019-1803",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "14.1(1i)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe"
}
]
},
"source": {
"advisory": "cisco-sa-20190501-nexus9k-rpe",
"defect": [
[
"CSCvo72253"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1803",
"datePublished": "2019-05-03T16:20:16.584226Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:23:36.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3172
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:25:00.721656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:38:15.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System (Managed)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-26T16:50:40",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp"
}
],
"source": {
"advisory": "cisco-sa-20200226-fxos-nxos-cdp",
"defect": [
[
"CSCux07556",
"CSCux58226",
"CSCvr31410",
"CSCvr37146",
"CSCvr37148",
"CSCvr37150",
"CSCvr37151"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-02-26T16:00:00-0800",
"ID": "CVE-2020-3172",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Managed)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp"
}
]
},
"source": {
"advisory": "cisco-sa-20200226-fxos-nxos-cdp",
"defect": [
[
"CSCux07556",
"CSCux58226",
"CSCvr31410",
"CSCvr37146",
"CSCvr37148",
"CSCvr37150",
"CSCvr37151"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3172",
"datePublished": "2020-02-26T16:50:40.700230Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:38:15.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20284
Vulnerability from cvelistv5
Published
2024-08-28 16:37
Modified
2024-08-28 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: 8.2(5) Version: 7.3(6)N1(1a) Version: 7.3(5)D1(1) Version: 8.4(2) Version: 7.3(6)N1(1) Version: 6.2(2) Version: 8.4(3) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 6.2(14a) Version: 7.0(3)I4(6) Version: 7.3(4)N1(1) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.1(5)N1(1b) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.1(4)N1(1c) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 7.3(4)D1(1) Version: 6.2(20) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.3(0)N1(1) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 8.1(1) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.2(2)D1(2) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 8.2(2) Version: 6.0(2)U6(1) Version: 7.3(2)N1(1c) Version: 7.0(3)I5(3b) Version: 8.3(2) Version: 7.3(5)N1(1) Version: 6.0(2)A6(2a) Version: 7.3(2)N1(1b) Version: 6.2(27) Version: 7.3(2)D1(3a) Version: 7.3(1)N1(1) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.1(4)N1(1a) Version: 7.1(3)N1(4) Version: 7.0(3)IM3(2a) Version: 6.2(8b) Version: 6.0(2)A8(10) Version: 7.1(3)N1(2) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 7.3(4)N1(1a) Version: 8.1(2) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.3(3)D1(1) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 7.1(2)N1(1) Version: 7.1(3)N1(3) Version: 8.2(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.2(18) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 7.1(3)N1(1) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 6.2(22) Version: 7.1(1)N1(1) Version: 8.4(1) Version: 8.1(1b) Version: 7.3(0)N1(1b) Version: 7.2(2)D1(4) Version: 6.0(2)A8(5) Version: 7.3(0)DX(1) Version: 7.1(4)N1(1d) Version: 7.3(2)D1(1) Version: 7.3(2)N1(1) Version: 6.0(2)U6(8) Version: 7.1(1)N1(1a) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 7.1(3)N1(2a) Version: 7.3(0)N1(1a) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 7.3(2)D1(2) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 8.0(1) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.1(3)N1(5) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(16) Version: 6.2(19) Version: 8.2(4) Version: 6.2(2a) Version: 7.2(2)D1(3) Version: 7.1(0)N1(1b) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.1(5)N1(1) Version: 7.2(1)D1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 7.3(3)N1(1) Version: 6.2(6b) Version: 7.0(3)I4(8b) Version: 8.1(2a) Version: 7.3(2)D1(3) Version: 6.2(8) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 7.1(0)N1(1a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(12) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 6.2(10) Version: 6.2(6a) Version: 6.2(6) Version: 7.1(2)N1(1a) Version: 6.2(14) Version: 7.0(3)I7(1) Version: 6.2(14b) Version: 6.2(21) Version: 7.2(2)D1(1) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(8a) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.1(0)N1(1) Version: 7.2(0)D1(1) Version: 6.0(2)A6(2) Version: 7.1(4)N1(1) Version: 6.0(2)A8(4a) Version: 6.2(20a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(2)D1(1d) Version: 7.3(7)N1(1) Version: 6.2(24) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 7.3(7)N1(1a) Version: 9.3(4) Version: 7.3(6)D1(1) Version: 6.2(26) Version: 8.2(6) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.3(8)N1(1) Version: 7.0(3)I7(9) Version: 7.3(7)N1(1b) Version: 6.2(24a) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(4) Version: 7.3(7)D1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 8.2(7) Version: 7.3(9)N1(1) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)N1(1a) Version: 7.3(8)D1(1) Version: 9.3(7a) Version: 8.2(7a) Version: 9.3(8) Version: 8.4(4a) Version: 8.4(2d) Version: 7.3(10)N1(1) Version: 8.4(5) Version: 7.0(3)I7(10) Version: 7.3(8)N1(1b) Version: 8.2(8) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 10.1(2t) Version: 7.3(9)D1(1) Version: 7.3(11)N1(1) Version: 10.2(3) Version: 8.4(6) Version: 10.2(3t) Version: 8.4(2e) Version: 9.3(10) Version: 7.3(11)N1(1a) Version: 10.2(2a) Version: 7.3(12)N1(1) Version: 9.2(1a) Version: 8.2(9) Version: 10.3(1) Version: 10.2(4) Version: 7.3(13)N1(1) Version: 8.4(7) Version: 10.3(2) Version: 8.4(6a) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 8.2(10) Version: 9.3(12) Version: 10.2(3v) Version: 10.4(1) Version: 8.4(8) Version: 10.3(99w) Version: 7.3(14)N1(1) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 8.4(9) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 8.2(11) Version: 10.3(5) Version: 10.2(7) Version: 10.4(3) Version: 10.3(3x) Version: 10.3(4g) Version: 10.3(3r) |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20284",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:19:10.303470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:19:17.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2(5)"
},
{
"status": "affected",
"version": "7.3(6)N1(1a)"
},
{
"status": "affected",
"version": "7.3(5)D1(1)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "7.3(6)N1(1)"
},
{
"status": "affected",
"version": "6.2(2)"
},
{
"status": "affected",
"version": "8.4(3)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(14a)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.3(4)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.1(5)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "7.3(4)D1(1)"
},
{
"status": "affected",
"version": "6.2(20)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.2(2)D1(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "7.3(5)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "7.3(2)N1(1b)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(2)D1(3a)"
},
{
"status": "affected",
"version": "7.3(1)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.1(4)N1(1a)"
},
{
"status": "affected",
"version": "7.1(3)N1(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.2(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "7.1(3)N1(2)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "7.3(4)N1(1a)"
},
{
"status": "affected",
"version": "8.1(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.3(3)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "7.1(2)N1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(3)"
},
{
"status": "affected",
"version": "8.2(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.2(18)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "7.1(3)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "6.2(22)"
},
{
"status": "affected",
"version": "7.1(1)N1(1)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.3(0)N1(1b)"
},
{
"status": "affected",
"version": "7.2(2)D1(4)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.3(0)DX(1)"
},
{
"status": "affected",
"version": "7.1(4)N1(1d)"
},
{
"status": "affected",
"version": "7.3(2)D1(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.1(1)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "7.1(3)N1(2a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "7.3(2)D1(2)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "8.0(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.1(3)N1(5)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(16)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "8.2(4)"
},
{
"status": "affected",
"version": "6.2(2a)"
},
{
"status": "affected",
"version": "7.2(2)D1(3)"
},
{
"status": "affected",
"version": "7.1(0)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.1(5)N1(1)"
},
{
"status": "affected",
"version": "7.2(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.3(3)N1(1)"
},
{
"status": "affected",
"version": "6.2(6b)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "8.1(2a)"
},
{
"status": "affected",
"version": "7.3(2)D1(3)"
},
{
"status": "affected",
"version": "6.2(8)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(12)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "6.2(10)"
},
{
"status": "affected",
"version": "6.2(6a)"
},
{
"status": "affected",
"version": "6.2(6)"
},
{
"status": "affected",
"version": "7.1(2)N1(1a)"
},
{
"status": "affected",
"version": "6.2(14)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(14b)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.2(2)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(8a)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1)"
},
{
"status": "affected",
"version": "7.2(0)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.2(20a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(2)D1(1d)"
},
{
"status": "affected",
"version": "7.3(7)N1(1)"
},
{
"status": "affected",
"version": "6.2(24)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "7.3(7)N1(1a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "7.3(6)D1(1)"
},
{
"status": "affected",
"version": "6.2(26)"
},
{
"status": "affected",
"version": "8.2(6)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.3(8)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "7.3(7)N1(1b)"
},
{
"status": "affected",
"version": "6.2(24a)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(4)"
},
{
"status": "affected",
"version": "7.3(7)D1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "8.2(7)"
},
{
"status": "affected",
"version": "7.3(9)N1(1)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)N1(1a)"
},
{
"status": "affected",
"version": "7.3(8)D1(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "8.2(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(4a)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "7.3(10)N1(1)"
},
{
"status": "affected",
"version": "8.4(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "7.3(8)N1(1b)"
},
{
"status": "affected",
"version": "8.2(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "7.3(9)D1(1)"
},
{
"status": "affected",
"version": "7.3(11)N1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "8.4(6)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "7.3(11)N1(1a)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "7.3(12)N1(1)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "8.2(9)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "7.3(13)N1(1)"
},
{
"status": "affected",
"version": "8.4(7)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "8.4(6a)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "8.2(10)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "8.4(8)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "7.3(14)N1(1)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "8.4(9)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "8.2(11)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.4(3)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "Protection Mechanism Failure",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:37:35.281Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"name": "Cisco NX-OS Security with Python",
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"source": {
"advisory": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"defects": [
"CSCwh77779"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Python Parser Escape Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20284",
"datePublished": "2024-08-28T16:37:35.281Z",
"dateReserved": "2023-11-08T15:08:07.626Z",
"dateUpdated": "2024-08-28T17:19:17.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3120
Vulnerability from cvelistv5
Published
2020-02-05 17:50
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS XR Software |
Version: unspecified < 2.3.1.173 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3120",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:29:31.395421Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:42:14.893Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "2.3.1.173",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-05T18:06:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
],
"source": {
"advisory": "cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
"defect": [
[
"CSCvr14976",
"CSCvr15024",
"CSCvr15072",
"CSCvr15073",
"CSCvr15078",
"CSCvr15079",
"CSCvr15082",
"CSCvr15083",
"CSCvr15111"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-02-05T16:00:00-0800",
"ID": "CVE-2020-3120",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XR Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "2.3.1.173"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
},
{
"name": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
]
},
"source": {
"advisory": "cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
"defect": [
[
"CSCvr14976",
"CSCvr15024",
"CSCvr15072",
"CSCvr15073",
"CSCvr15078",
"CSCvr15079",
"CSCvr15082",
"CSCvr15083",
"CSCvr15111"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3120",
"datePublished": "2020-02-05T17:50:18.427416Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:42:14.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44487
Vulnerability from cvelistv5
Published
2023-10-10 00:00
Modified
2024-08-19 07:48
Severity ?
EPSS score ?
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T20:35:03.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:48:04.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:08:34.967324",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00",
"dateReserved": "2023-09-29T00:00:00",
"dateUpdated": "2024-08-19T07:48:04.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4232
Vulnerability from cvelistv5
Published
2015-07-03 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39569 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032764 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75503 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150630 Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569"
},
{
"name": "1032764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032764"
},
{
"name": "75503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75503"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150630 Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569"
},
{
"name": "1032764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032764"
},
{
"name": "75503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75503"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150630 Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569"
},
{
"name": "1032764",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032764"
},
{
"name": "75503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75503"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4232",
"datePublished": "2015-07-03T10:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1590
Vulnerability from cvelistv5
Published
2021-08-25 19:11
Modified
2024-11-07 22:02
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software system login block-for Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1590",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:54:24.586511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:02:13.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:11:18",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software system login block-for Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu"
}
],
"source": {
"advisory": "cisco-sa-nxos-login-blockfor-RwjGVEcu",
"defect": [
[
"CSCuz49095",
"CSCvw45963",
"CSCvx74585"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software system login block-for Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1590",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software system login block-for Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco NX-OS Software system login block-for Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-login-blockfor-RwjGVEcu",
"defect": [
[
"CSCuz49095",
"CSCvw45963",
"CSCvx74585"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1590",
"datePublished": "2021-08-25T19:11:18.814603Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:02:13.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34714
Vulnerability from cvelistv5
Published
2021-09-23 02:25
Modified
2024-11-07 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:36.961651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:59:09.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:25:58",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
],
"source": {
"advisory": "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ",
"defect": [
[
"CSCvw22670",
"CSCvw26126",
"CSCvw26127",
"CSCvw26129",
"CSCvw26130",
"CSCvw26152",
"CSCvw46194",
"CSCvw46239"
]
],
"discovery": "INTERNAL"
},
"title": "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-34714",
"STATE": "PUBLIC",
"TITLE": "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
]
},
"source": {
"advisory": "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ",
"defect": [
[
"CSCvw22670",
"CSCvw26126",
"CSCvw26127",
"CSCvw26129",
"CSCvw26130",
"CSCvw26152",
"CSCvw46194",
"CSCvw46239"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34714",
"datePublished": "2021-09-23T02:25:58.322621Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:59:09.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0721
Vulnerability from cvelistv5
Published
2016-10-06 10:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93410 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1036947 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93410",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93410"
},
{
"name": "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
},
{
"name": "1036947",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036947"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "93410",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93410"
},
{
"name": "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
},
{
"name": "1036947",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036947"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93410"
},
{
"name": "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
},
{
"name": "1036947",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036947"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0721",
"datePublished": "2016-10-06T10:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3454
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software 5.0(1a) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Call Home Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:18:16.027701Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:10:22.655Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software 5.0(1a)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:17",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Call Home Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY"
}
],
"source": {
"advisory": "cisco-sa-callhome-cmdinj-zkxzSCY",
"defect": [
[
"CSCve15011",
"CSCvg11715",
"CSCvg11732",
"CSCvg11752",
"CSCvh85161"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Call Home Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3454",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Call Home Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software 5.0(1a)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.2",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco NX-OS Software Call Home Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY"
}
]
},
"source": {
"advisory": "cisco-sa-callhome-cmdinj-zkxzSCY",
"defect": [
[
"CSCve15011",
"CSCvg11715",
"CSCvg11732",
"CSCvg11752",
"CSCvh85161"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3454",
"datePublished": "2020-08-27T15:40:17.920177Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:10:22.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0303
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:58
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:07.087359Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:58:54.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco FXOS and NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco FXOS and NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco FXOS and NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco FXOS and NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0303",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:58:54.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1969
Vulnerability from cvelistv5
Published
2019-08-29 21:50
Modified
2024-11-19 18:57
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 9.2(3) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:52.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190828 Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1969",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:23:17.371897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:57:58.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "9.2(3)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-29T21:50:19",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190828 Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass"
}
],
"source": {
"advisory": "cisco-sa-20190828-nxos-snmp-bypass",
"defect": [
[
"CSCvo17439"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-28T16:00:00-0700",
"ID": "CVE-2019-1969",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.2(3)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190828 Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass"
}
]
},
"source": {
"advisory": "cisco-sa-20190828-nxos-snmp-bypass",
"defect": [
[
"CSCvo17439"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1969",
"datePublished": "2019-08-29T21:50:19.965411Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T18:57:58.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20089
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-10-25 16:03
Severity ?
EPSS score ?
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:36:32.500030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T16:03:47.738Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-02-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-23T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"
}
],
"source": {
"advisory": "cisco-sa-aci-lldp-dos-ySCNZOpX",
"defect": [
[
"CSCwc23246"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20089",
"datePublished": "2023-02-23T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T16:03:47.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3119
Vulnerability from cvelistv5
Published
2020-02-05 17:45
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < 9.3(2) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:25:08.322696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:42:33.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System (Managed)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "9.3(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-05T18:06:05",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
],
"source": {
"advisory": "cisco-sa-20200205-nxos-cdp-rce",
"defect": [
[
"CSCvr09175",
"CSCvr09531",
"CSCvr09539",
"CSCvr09544",
"CSCvr09555"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-02-05T16:00:00-0800",
"ID": "CVE-2020-3119",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Managed)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.3(2)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce"
},
{
"name": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
]
},
"source": {
"advisory": "cisco-sa-20200205-nxos-cdp-rce",
"defect": [
[
"CSCvr09175",
"CSCvr09531",
"CSCvr09539",
"CSCvr09544",
"CSCvr09555"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3119",
"datePublished": "2020-02-05T17:45:15.813799Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:42:33.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3174
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software 7.3(2)D1(1d) |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200226 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:29:17.520901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:38:37.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software 7.3(2)D1(1d)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-26T16:50:29",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200226 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp"
}
],
"source": {
"advisory": "cisco-sa-20200226-nxos-arp",
"defect": [
[
"CSCvq48220"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-02-26T16:00:00-0800",
"ID": "CVE-2020-3174",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software 7.3(2)D1(1d)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200226 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp"
}
]
},
"source": {
"advisory": "cisco-sa-20200226-nxos-arp",
"defect": [
[
"CSCvq48220"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3174",
"datePublished": "2020-02-26T16:50:29.751893Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:38:37.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0775
Vulnerability from cvelistv5
Published
2015-06-12 14:00
Modified
2024-08-06 04:26
Severity ?
EPSS score ?
Summary
The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032561 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1032562 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39280 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:09.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032561"
},
{
"name": "1032562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032562"
},
{
"name": "20150610 Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032561"
},
{
"name": "1032562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032562"
},
{
"name": "20150610 Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032561"
},
{
"name": "1032562",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032562"
},
{
"name": "20150610 Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0775",
"datePublished": "2015-06-12T14:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:26:09.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1584
Vulnerability from cvelistv5
Published
2021-08-25 19:10
Modified
2024-11-07 22:02
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:19.684331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:02:38.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:10:53",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU"
}
],
"source": {
"advisory": "cisco-sa-naci-mdvul-vrKVgNU",
"defect": [
[
"CSCvy05012"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1584",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.0",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU"
}
]
},
"source": {
"advisory": "cisco-sa-naci-mdvul-vrKVgNU",
"defect": [
[
"CSCvy05012"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1584",
"datePublished": "2021-08-25T19:10:53.827427Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:02:38.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3504
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3504",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:24:18.362716Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:10:32.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System (Managed)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-664",
"description": "CWE-664",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe"
}
],
"source": {
"advisory": "cisco-sa-ucs-cli-dos-GQUxCnTe",
"defect": [
[
"CSCvr91760"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3504",
"STATE": "PUBLIC",
"TITLE": "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Managed)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "3.3",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-664"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe"
}
]
},
"source": {
"advisory": "cisco-sa-ucs-cli-dos-GQUxCnTe",
"defect": [
[
"CSCvr91760"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3504",
"datePublished": "2020-08-27T15:40:13.292875Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:10:32.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20115
Vulnerability from cvelistv5
Published
2023-08-23 18:20
Modified
2024-10-02 18:56
Severity ?
EPSS score ?
Summary
A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device.
This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.
There are workarounds that address this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: 9.2(1) Version: 9.2(2) Version: 9.2(2t) Version: 9.2(3) Version: 9.2(4) Version: 9.2(2v) Version: 9.3(1) Version: 9.3(2) Version: 9.3(3) Version: 9.3(4) Version: 9.3(5) Version: 9.3(6) Version: 9.3(7) Version: 9.3(7a) Version: 9.3(8) Version: 9.3(9) Version: 9.3(10) Version: 9.3(11) Version: 10.1(1) Version: 10.1(2) Version: 10.1(2t) Version: 10.2(1) Version: 10.2(1q) Version: 10.2(2) Version: 10.2(3) Version: 10.2(3t) Version: 10.2(4) Version: 10.2(5) Version: 10.3(1) Version: 10.3(2) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:36.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-nxos-sftp-xVAp5Hfd",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20115",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:56:28.348139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T18:56:36.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. \r\n\r This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.\r\n\r There are workarounds that address this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-671",
"description": "Lack of Administrator Control over Security",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:46.171Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-sftp-xVAp5Hfd",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd"
}
],
"source": {
"advisory": "cisco-sa-nxos-sftp-xVAp5Hfd",
"defects": [
"CSCwe47138"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20115",
"datePublished": "2023-08-23T18:20:34.184Z",
"dateReserved": "2022-10-27T18:47:50.344Z",
"dateUpdated": "2024-10-02T18:56:36.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0313
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. The vulnerability is due to incorrect input validation of user-supplied data to the NX-API subsystem. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Note: NX-API is disabled by default. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd47415, CSCve03216, CSCve03224, CSCve03234.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0313",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:03.523217Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:57:16.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. The vulnerability is due to incorrect input validation of user-supplied data to the NX-API subsystem. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Note: NX-API is disabled by default. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd47415, CSCve03216, CSCve03224, CSCve03234."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0313",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. The vulnerability is due to incorrect input validation of user-supplied data to the NX-API subsystem. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Note: NX-API is disabled by default. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd47415, CSCve03216, CSCve03224, CSCve03234."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0313",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:57:16.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3517
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:13:07.454503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:09:30.343Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:48",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd"
}
],
"source": {
"advisory": "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd",
"defect": [
[
"CSCvt39630",
"CSCvt46835",
"CSCvt46837",
"CSCvt46838",
"CSCvt46839",
"CSCvt46877"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3517",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd"
}
]
},
"source": {
"advisory": "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd",
"defect": [
[
"CSCvt39630",
"CSCvt46835",
"CSCvt46837",
"CSCvt46838",
"CSCvt46839",
"CSCvt46877"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3517",
"datePublished": "2020-08-27T15:40:48.124786Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:09:30.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0658
Vulnerability from cvelistv5
Published
2015-03-28 01:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1031992 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=38062 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031992"
},
{
"name": "20150327 Cisco NX-OS Software DHCP Options Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-31T13:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1031992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031992"
},
{
"name": "20150327 Cisco NX-OS Software DHCP Options Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031992"
},
{
"name": "20150327 Cisco NX-OS Software DHCP Options Command Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0658",
"datePublished": "2015-03-28T01:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1778
Vulnerability from cvelistv5
Published
2019-05-15 19:35
Modified
2024-11-20 17:21
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108362 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 7.0(3)I7(4) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778"
},
{
"name": "108362",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108362"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1778",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:47.709639Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:21:05.402Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I7(4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T12:06:06",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778"
},
{
"name": "108362",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108362"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1778",
"defect": [
[
"CSCvh75996",
"CSCvj03877"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1778",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(4)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778"
},
{
"name": "108362",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108362"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1778",
"defect": [
[
"CSCvh75996",
"CSCvj03877"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1778",
"datePublished": "2019-05-15T19:35:18.903829Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:21:05.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1585
Vulnerability from cvelistv5
Published
2019-03-06 21:00
Modified
2024-11-20 17:27
Severity ?
EPSS score ?
Summary
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/107312 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
Version: unspecified < 4.0(1h) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec"
},
{
"name": "107312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107312"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1585",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:55:54.751170Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:27:32.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "4.0(1h)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-16",
"description": "CWE-16",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-08T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec"
},
{
"name": "107312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107312"
}
],
"source": {
"advisory": "cisco-sa-20190306-aci-controller-privsec",
"defect": [
[
"CSCvn09838"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID": "CVE-2019-1585",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "4.0(1h)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)"
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-16"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec"
},
{
"name": "107312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107312"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-aci-controller-privsec",
"defect": [
[
"CSCvn09838"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1585",
"datePublished": "2019-03-06T21:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:27:32.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1780
Vulnerability from cvelistv5
Published
2019-05-16 17:00
Modified
2024-11-21 19:23
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108392 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780"
},
{
"name": "108392",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108392"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:58:18.043976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:23:24.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-21T09:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780"
},
{
"name": "108392",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108392"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-fxos-cmdinj-1780",
"defect": [
[
"CSCvi01431",
"CSCvi01440",
"CSCvi92326",
"CSCvi92328",
"CSCvi92329",
"CSCvi92332"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1780",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.2",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780"
},
{
"name": "108392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108392"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-fxos-cmdinj-1780",
"defect": [
[
"CSCvi01431",
"CSCvi01440",
"CSCvi92326",
"CSCvi92328",
"CSCvi92329",
"CSCvi92332"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1780",
"datePublished": "2019-05-16T17:00:17.177415Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:23:24.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1735
Vulnerability from cvelistv5
Published
2019-05-15 18:45
Modified
2024-11-21 19:30
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108365 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:41.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735"
},
{
"name": "108365",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108365"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:58:37.156646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:30:32.359Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T12:06:06",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735"
},
{
"name": "108365",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108365"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1735",
"defect": [
[
"CSCvj63728",
"CSCvj63877",
"CSCvk52969",
"CSCvk52971",
"CSCvk52972",
"CSCvk52975",
"CSCvk52985",
"CSCvk52988"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1735",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.4",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735"
},
{
"name": "108365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108365"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1735",
"defect": [
[
"CSCvj63728",
"CSCvj63877",
"CSCvk52969",
"CSCvk52971",
"CSCvk52972",
"CSCvk52975",
"CSCvk52985",
"CSCvk52988"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1735",
"datePublished": "2019-05-15T18:45:28.744805Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:30:32.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0306
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:58
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Note: This vulnerability requires that any feature license is uploaded to the device. The vulnerability does not require that the license be used. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51693, CSCve91634, CSCve91659, CSCve91663.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0306",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:05.198993Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:58:22.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Note: This vulnerability requires that any feature license is uploaded to the device. The vulnerability does not require that the license be used. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51693, CSCve91634, CSCve91659, CSCve91663."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Note: This vulnerability requires that any feature license is uploaded to the device. The vulnerability does not require that the license be used. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51693, CSCve91634, CSCve91659, CSCve91663."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0306",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:58:22.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4225
Vulnerability from cvelistv5
Published
2015-06-27 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75433 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39529 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032735 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:11.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75433",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75433"
},
{
"name": "20150626 Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529"
},
{
"name": "1032735",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "75433",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75433"
},
{
"name": "20150626 Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529"
},
{
"name": "1032735",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75433",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75433"
},
{
"name": "20150626 Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529"
},
{
"name": "1032735",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4225",
"datePublished": "2015-06-27T10:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:11.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1387
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:37
Severity ?
EPSS score ?
Summary
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of available buffers, impairing operations of control plane and management plane protocols and resulting in a DoS condition. Manual intervention would be required to restore normal operations on the affected device. For more information about the impact of this vulnerability, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software IPv6 Netstack Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:03:50.276109Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:37:33.797Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of available buffers, impairing operations of control plane and management plane protocols and resulting in a DoS condition. Manual intervention would be required to restore normal operations on the affected device. For more information about the impact of this vulnerability, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:55",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software IPv6 Netstack Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K"
}
],
"source": {
"advisory": "cisco-sa-nxos-ipv6-netstack-edXPGV7K",
"defect": [
[
"CSCvu11961",
"CSCvu77380"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software IPv6 Netstack Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1387",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software IPv6 Netstack Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of available buffers, impairing operations of control plane and management plane protocols and resulting in a DoS condition. Manual intervention would be required to restore normal operations on the affected device. For more information about the impact of this vulnerability, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-401"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco NX-OS Software IPv6 Netstack Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-ipv6-netstack-edXPGV7K",
"defect": [
[
"CSCvu11961",
"CSCvu77380"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1387",
"datePublished": "2021-02-24T19:30:55.602269Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:37:33.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20823
Vulnerability from cvelistv5
Published
2022-08-25 18:40
Modified
2024-11-06 16:07
Severity ?
EPSS score ?
Summary
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:28.963453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:07:37.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-25T18:40:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
}
],
"source": {
"advisory": "cisco-sa-nxos-ospfv3-dos-48qutcu",
"defect": [
[
"CSCvz68748",
"CSCwb50012",
"CSCwb50013",
"CSCwb50015"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-08-24T23:00:00",
"ID": "CVE-2022-20823",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220824 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-ospfv3-dos-48qutcu",
"defect": [
[
"CSCvz68748",
"CSCwb50012",
"CSCwb50013",
"CSCwb50015"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20823",
"datePublished": "2022-08-25T18:40:30.942730Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:07:37.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1590
Vulnerability from cvelistv5
Published
2019-05-03 14:50
Modified
2024-11-20 17:24
Severity ?
EPSS score ?
Summary
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The vulnerability is due to insufficient TLS client certificate validations for certificates sent between the various components of an ACI fabric. An attacker who has possession of a certificate that is trusted by the Cisco Manufacturing CA and the corresponding private key could exploit this vulnerability by presenting a valid certificate while attempting to connect to the targeted device. An exploit could allow the attacker to gain full control of all other components within the ACI fabric of an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-insecure-fabric | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
Version: unspecified < 14.1(1i) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-insecure-fabric"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1590",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:55:19.439697Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:24:03.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "14.1(1i)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The vulnerability is due to insufficient TLS client certificate validations for certificates sent between the various components of an ACI fabric. An attacker who has possession of a certificate that is trusted by the Cisco Manufacturing CA and the corresponding private key could exploit this vulnerability by presenting a valid certificate while attempting to connect to the targeted device. An exploit could allow the attacker to gain full control of all other components within the ACI fabric of an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-03T14:50:24",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-insecure-fabric"
}
],
"source": {
"advisory": "cisco-sa-20190501-aci-insecure-fabric",
"defect": [
[
"CSCvn09791"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-01T16:00:00-0700",
"ID": "CVE-2019-1590",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "14.1(1i)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The vulnerability is due to insufficient TLS client certificate validations for certificates sent between the various components of an ACI fabric. An attacker who has possession of a certificate that is trusted by the Cisco Manufacturing CA and the corresponding private key could exploit this vulnerability by presenting a valid certificate while attempting to connect to the targeted device. An exploit could allow the attacker to gain full control of all other components within the ACI fabric of an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-insecure-fabric"
}
]
},
"source": {
"advisory": "cisco-sa-20190501-aci-insecure-fabric",
"defect": [
[
"CSCvn09791"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1590",
"datePublished": "2019-05-03T14:50:24.377345Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:24:03.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1731
Vulnerability from cvelistv5
Published
2019-05-15 16:50
Modified
2024-11-21 19:30
Severity ?
EPSS score ?
Summary
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108353 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:41.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"
},
{
"name": "108353",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108353"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:58:39.840105Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:30:56.701Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user\u0027s private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user\u0027s private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T06:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"
},
{
"name": "108353",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108353"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-ssh-info",
"defect": [
[
"CSCvh76123",
"CSCvj01385",
"CSCvj01386",
"CSCvj01393"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software SSH Key Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1731",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software SSH Key Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user\u0027s private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user\u0027s private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.1",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"
},
{
"name": "108353",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108353"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-ssh-info",
"defect": [
[
"CSCvh76123",
"CSCvj01385",
"CSCvj01386",
"CSCvj01393"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1731",
"datePublished": "2019-05-15T16:50:36.106074Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:30:56.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0686
Vulnerability from cvelistv5
Published
2015-04-03 01:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=38193 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032021 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.734Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150402 Cisco Nexus 9000 Series Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193"
},
{
"name": "1032021",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-08T17:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150402 Cisco Nexus 9000 Series Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193"
},
{
"name": "1032021",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0686",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150402 Cisco Nexus 9000 Series Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193"
},
{
"name": "1032021",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0686",
"datePublished": "2015-04-03T01:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1230
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:39
Severity ?
EPSS score ?
Summary
A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:03:51.718735Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:39:28.825Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
}
],
"source": {
"advisory": "cisco-sa-n9kaci-bgp-De9dPKSK",
"defect": [
[
"CSCvr59494"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1230",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-233"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
}
]
},
"source": {
"advisory": "cisco-sa-n9kaci-bgp-De9dPKSK",
"defect": [
[
"CSCvr59494"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1230",
"datePublished": "2021-02-24T19:30:30.975897Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:39:28.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20286
Vulnerability from cvelistv5
Published
2024-08-28 16:37
Modified
2024-08-28 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: 8.2(5) Version: 7.3(5)D1(1) Version: 8.4(2) Version: 6.2(2) Version: 8.4(3) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 6.2(14a) Version: 7.0(3)I4(6) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 7.3(4)D1(1) Version: 6.2(20) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 8.1(1) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.2(2)D1(2) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 8.2(2) Version: 6.0(2)U6(1) Version: 7.0(3)I5(3b) Version: 8.3(2) Version: 6.0(2)A6(2a) Version: 6.2(27) Version: 7.3(2)D1(3a) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.0(3)IM3(2a) Version: 6.2(8b) Version: 6.0(2)A8(10) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 8.1(2) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.3(3)D1(1) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 8.2(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.2(18) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 6.2(22) Version: 8.4(1) Version: 8.1(1b) Version: 7.2(2)D1(4) Version: 6.0(2)A8(5) Version: 7.3(0)DX(1) Version: 7.3(2)D1(1) Version: 6.0(2)U6(8) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 7.3(2)D1(2) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 8.0(1) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(16) Version: 6.2(19) Version: 8.2(4) Version: 6.2(2a) Version: 7.2(2)D1(3) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.2(1)D1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 6.2(6b) Version: 7.0(3)I4(8b) Version: 8.1(2a) Version: 7.3(2)D1(3) Version: 6.2(8) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(12) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 6.2(10) Version: 6.2(6a) Version: 6.2(6) Version: 6.2(14) Version: 7.0(3)I7(1) Version: 6.2(14b) Version: 6.2(21) Version: 7.2(2)D1(1) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(8a) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.2(0)D1(1) Version: 6.0(2)A6(2) Version: 6.0(2)A8(4a) Version: 6.2(20a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(2)D1(1d) Version: 6.2(24) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 9.3(4) Version: 7.3(6)D1(1) Version: 6.2(26) Version: 8.2(6) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.0(3)I7(9) Version: 6.2(24a) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(4) Version: 7.3(7)D1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 8.2(7) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)D1(1) Version: 9.3(7a) Version: 8.2(7a) Version: 9.3(8) Version: 8.4(4a) Version: 8.4(2d) Version: 8.4(5) Version: 7.0(3)I7(10) Version: 8.2(8) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 10.1(2t) Version: 7.3(9)D1(1) Version: 10.2(3) Version: 8.4(6) Version: 10.2(3t) Version: 8.4(2e) Version: 9.3(10) Version: 10.2(2a) Version: 9.2(1a) Version: 8.2(9) Version: 10.3(1) Version: 10.2(4) Version: 8.4(7) Version: 10.3(2) Version: 8.4(6a) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 8.2(10) Version: 9.3(12) Version: 10.2(3v) Version: 10.4(1) Version: 8.4(8) Version: 10.3(99w) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 8.4(9) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 10.2(7) Version: 10.3(3x) Version: 10.3(4g) Version: 10.3(3r) |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:23:47.624528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:23:56.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2(5)"
},
{
"status": "affected",
"version": "7.3(5)D1(1)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "6.2(2)"
},
{
"status": "affected",
"version": "8.4(3)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(14a)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "7.3(4)D1(1)"
},
{
"status": "affected",
"version": "6.2(20)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.2(2)D1(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(2)D1(3a)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.2(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "8.1(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.3(3)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "8.2(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.2(18)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "6.2(22)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.2(2)D1(4)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.3(0)DX(1)"
},
{
"status": "affected",
"version": "7.3(2)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "7.3(2)D1(2)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "8.0(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(16)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "8.2(4)"
},
{
"status": "affected",
"version": "6.2(2a)"
},
{
"status": "affected",
"version": "7.2(2)D1(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.2(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "6.2(6b)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "8.1(2a)"
},
{
"status": "affected",
"version": "7.3(2)D1(3)"
},
{
"status": "affected",
"version": "6.2(8)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(12)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "6.2(10)"
},
{
"status": "affected",
"version": "6.2(6a)"
},
{
"status": "affected",
"version": "6.2(6)"
},
{
"status": "affected",
"version": "6.2(14)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(14b)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.2(2)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(8a)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.2(0)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.2(20a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(2)D1(1d)"
},
{
"status": "affected",
"version": "6.2(24)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "7.3(6)D1(1)"
},
{
"status": "affected",
"version": "6.2(26)"
},
{
"status": "affected",
"version": "8.2(6)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "6.2(24a)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(4)"
},
{
"status": "affected",
"version": "7.3(7)D1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "8.2(7)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)D1(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "8.2(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(4a)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "8.4(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "8.2(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "7.3(9)D1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "8.4(6)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "8.2(9)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "8.4(7)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "8.4(6a)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "8.2(10)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "8.4(8)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "8.4(9)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "Protection Mechanism Failure",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:37:17.319Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"name": "Cisco NX-OS Security with Python",
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"source": {
"advisory": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"defects": [
"CSCwh77781"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Python Parser Escape Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20286",
"datePublished": "2024-08-28T16:37:17.319Z",
"dateReserved": "2023-11-08T15:08:07.626Z",
"dateUpdated": "2024-08-28T17:23:56.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0331
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco FXOS, NX-OS, and UCS Manager unknown |
Version: Cisco FXOS, NX-OS, and UCS Manager unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0331",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:37:35.507766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:57:02.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco FXOS, NX-OS, and UCS Manager unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco FXOS, NX-OS, and UCS Manager unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco FXOS, NX-OS, and UCS Manager unknown",
"version": {
"version_data": [
{
"version_value": "Cisco FXOS, NX-OS, and UCS Manager unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0331",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:57:02.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3398
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3398",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:13:11.138590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:10:05.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:28",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp"
}
],
"source": {
"advisory": "cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp",
"defect": [
[
"CSCvr60479"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3398",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp"
}
]
},
"source": {
"advisory": "cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp",
"defect": [
[
"CSCvr60479"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3398",
"datePublished": "2020-08-27T15:40:28.988414Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:10:05.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3338
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software 5.2(1) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:13:08.676378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:09:39.460Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software 5.2(1)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:43",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw"
}
],
"source": {
"advisory": "cisco-sa-nxos-pim-memleak-dos-tC8eP7uw",
"defect": [
[
"CSCvr91853",
"CSCvr97684"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3338",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software 5.2(1)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-pim-memleak-dos-tC8eP7uw",
"defect": [
[
"CSCvr91853",
"CSCvr97684"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3338",
"datePublished": "2020-08-27T15:40:43.612337Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:09:39.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1229
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:39
Severity ?
EPSS score ?
Summary
A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. An attacker could exploit this vulnerability by sending a sustained rate of crafted ICMPv6 packets to a local IPv6 address on a targeted device. A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device. As a result, the ICMPv6 process could run out of system memory and stop processing traffic. The device could then drop all ICMPv6 packets, causing traffic instability on the device. Restoring device functionality would require a device reboot.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:04:00.849888Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:39:57.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. An attacker could exploit this vulnerability by sending a sustained rate of crafted ICMPv6 packets to a local IPv6 address on a targeted device. A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device. As a result, the ICMPv6 process could run out of system memory and stop processing traffic. The device could then drop all ICMPv6 packets, causing traffic instability on the device. Restoring device functionality would require a device reboot."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:21",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq"
}
],
"source": {
"advisory": "cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq",
"defect": [
[
"CSCvv24541",
"CSCvv96592",
"CSCvv96593"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1229",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. An attacker could exploit this vulnerability by sending a sustained rate of crafted ICMPv6 packets to a local IPv6 address on a targeted device. A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device. As a result, the ICMPv6 process could run out of system memory and stop processing traffic. The device could then drop all ICMPv6 packets, causing traffic instability on the device. Restoring device functionality would require a device reboot."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-401"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq"
}
]
},
"source": {
"advisory": "cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq",
"defect": [
[
"CSCvv24541",
"CSCvv96592",
"CSCvv96593"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1229",
"datePublished": "2021-02-24T19:30:21.325015Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:39:57.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0311
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:43:38.619660Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:57:32.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco FXOS and NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco FXOS and NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco FXOS and NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco FXOS and NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0311",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:57:32.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0291
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0291",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:37:39.607604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:46.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0291",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:46.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4237
Vulnerability from cvelistv5
Published
2015-07-03 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032775 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39583 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032775"
},
{
"name": "20150701 Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032775"
},
{
"name": "20150701 Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032775"
},
{
"name": "20150701 Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4237",
"datePublished": "2015-07-03T10:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1767
Vulnerability from cvelistv5
Published
2019-05-15 18:45
Modified
2024-11-20 17:22
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108386 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"name": "108386",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108386"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:55:00.651175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:22:19.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-20T15:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"name": "108386",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108386"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-overflow-inj",
"defect": [
[
"CSCvh76129",
"CSCvh76132",
"CSCvj00497",
"CSCvj10162"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1767",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"name": "108386",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108386"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-overflow-inj",
"defect": [
[
"CSCvh76129",
"CSCvh76132",
"CSCvj00497",
"CSCvj10162"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1767",
"datePublished": "2019-05-15T18:45:18.115908Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:22:19.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4301
Vulnerability from cvelistv5
Published
2015-08-19 15:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40431 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033267 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150812 Cisco Nexus 9000 Series Resource Exhaustion Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431"
},
{
"name": "1033267",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033267"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device\u0027s filesystem, aka Bug ID CSCuu77225."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150812 Cisco Nexus 9000 Series Resource Exhaustion Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431"
},
{
"name": "1033267",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033267"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device\u0027s filesystem, aka Bug ID CSCuu77225."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150812 Cisco Nexus 9000 Series Resource Exhaustion Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431"
},
{
"name": "1033267",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033267"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4301",
"datePublished": "2015-08-19T15:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1587
Vulnerability from cvelistv5
Published
2021-08-25 19:11
Modified
2024-11-07 22:02
Severity ?
EPSS score ?
Summary
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:54:27.093740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:02:26.359Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:11:06",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
}
],
"source": {
"advisory": "cisco-sa-nxos-ngoam-dos-LTDb9Hv",
"defect": [
[
"CSCvx66917"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1587",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-ngoam-dos-LTDb9Hv",
"defect": [
[
"CSCvx66917"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1587",
"datePublished": "2021-08-25T19:11:06.170453Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:02:26.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3397
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:13:09.910461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:09:56.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:34",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ"
}
],
"source": {
"advisory": "cisco-sa-nxosbgp-nlri-dos-458rG2OQ",
"defect": [
[
"CSCvr58652"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3397",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ"
}
]
},
"source": {
"advisory": "cisco-sa-nxosbgp-nlri-dos-458rG2OQ",
"defect": [
[
"CSCvr58652"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3397",
"datePublished": "2020-08-27T15:40:34.148007Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:09:56.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1367
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:38
Severity ?
EPSS score ?
Summary
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:48:20.897429Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:38:19.100Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:45",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4"
}
],
"source": {
"advisory": "cisco-sa-nxos-pim-dos-Y8SjMz4",
"defect": [
[
"CSCvv98438"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1367",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.3",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-pim-dos-Y8SjMz4",
"defect": [
[
"CSCvv98438"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1367",
"datePublished": "2021-02-24T19:30:45.486967Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:38:19.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1768
Vulnerability from cvelistv5
Published
2019-05-16 01:25
Modified
2024-11-20 17:18
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108386 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"name": "108386",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108386"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:18.695033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:18:02.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-20T15:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"name": "108386",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108386"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-overflow-inj",
"defect": [
[
"CSCvh76129",
"CSCvh76132",
"CSCvj00497",
"CSCvj10162"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1768",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"name": "108386",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108386"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-overflow-inj",
"defect": [
[
"CSCvh76129",
"CSCvh76132",
"CSCvj00497",
"CSCvj10162"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1768",
"datePublished": "2019-05-16T01:25:21.627879Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:18:02.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6457
Vulnerability from cvelistv5
Published
2016-11-19 02:45
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94077 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037185 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x) |
Version: Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:20.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94077",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic"
},
{
"name": "1037185",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)"
}
]
}
],
"datePublic": "2016-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "94077",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic"
},
{
"name": "1037185",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)",
"version": {
"version_data": [
{
"version_value": "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94077",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94077"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic"
},
{
"name": "1037185",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6457",
"datePublished": "2016-11-19T02:45:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:20.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20285
Vulnerability from cvelistv5
Published
2024-08-28 16:37
Modified
2024-08-28 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: 7.3(6)N1(1a) Version: 8.4(2) Version: 7.3(6)N1(1) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 7.0(3)I4(6) Version: 7.3(4)N1(1) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.1(5)N1(1b) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.1(4)N1(1c) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.3(0)N1(1) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 6.0(2)U6(1) Version: 7.3(2)N1(1c) Version: 7.0(3)I5(3b) Version: 7.3(5)N1(1) Version: 6.0(2)A6(2a) Version: 7.3(2)N1(1b) Version: 6.2(27) Version: 7.3(1)N1(1) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.1(4)N1(1a) Version: 8.1(1) Version: 7.1(3)N1(4) Version: 7.0(3)IM3(2a) Version: 6.0(2)A8(10) Version: 7.1(3)N1(2) Version: 8.2(2) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 8.3(2) Version: 7.3(4)N1(1a) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 7.1(2)N1(1) Version: 7.1(3)N1(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 7.1(3)N1(1) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 7.1(1)N1(1) Version: 8.1(1b) Version: 7.3(0)N1(1b) Version: 6.0(2)A8(5) Version: 7.1(4)N1(1d) Version: 7.3(2)N1(1) Version: 6.0(2)U6(8) Version: 7.1(1)N1(1a) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 7.1(3)N1(2a) Version: 7.3(0)N1(1a) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 8.4(1) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.1(3)N1(5) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(19) Version: 7.1(0)N1(1b) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.1(5)N1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 7.3(3)N1(1) Version: 7.0(3)I4(8b) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 7.1(0)N1(1a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 7.1(2)N1(1a) Version: 7.0(3)I7(1) Version: 6.2(21) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.1(0)N1(1) Version: 6.0(2)A6(2) Version: 7.1(4)N1(1) Version: 6.0(2)A8(4a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(7)N1(1) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 7.3(7)N1(1a) Version: 9.3(4) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.3(8)N1(1) Version: 7.0(3)I7(9) Version: 7.3(7)N1(1b) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 7.3(9)N1(1) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)N1(1a) Version: 9.3(7a) Version: 9.3(8) Version: 8.4(2d) Version: 7.3(10)N1(1) Version: 7.0(3)I7(10) Version: 7.3(8)N1(1b) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 10.1(2t) Version: 7.3(11)N1(1) Version: 10.2(3) Version: 10.2(3t) Version: 8.4(2e) Version: 9.3(10) Version: 7.3(11)N1(1a) Version: 10.2(2a) Version: 7.3(12)N1(1) Version: 9.2(1a) Version: 10.3(1) Version: 10.2(4) Version: 7.3(13)N1(1) Version: 10.3(2) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 9.3(12) Version: 10.2(3v) Version: 10.4(1) Version: 10.3(99w) Version: 7.3(14)N1(1) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 10.3(5) Version: 10.2(7) Version: 10.4(3) Version: 10.3(3x) Version: 10.3(4g) Version: 10.3(3r) |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20285",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:19:39.299396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:19:57.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.3(6)N1(1a)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "7.3(6)N1(1)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.3(4)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.1(5)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "7.3(5)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "7.3(2)N1(1b)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(1)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.1(4)N1(1a)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "7.1(3)N1(2)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "7.3(4)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "7.1(2)N1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "7.1(3)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "7.1(1)N1(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.3(0)N1(1b)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.1(4)N1(1d)"
},
{
"status": "affected",
"version": "7.3(2)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.1(1)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "7.1(3)N1(2a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.1(3)N1(5)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "7.1(0)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.1(5)N1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.3(3)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "7.1(2)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(7)N1(1)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "7.3(7)N1(1a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.3(8)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "7.3(7)N1(1b)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "7.3(9)N1(1)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)N1(1a)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "7.3(10)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "7.3(8)N1(1b)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "7.3(11)N1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "7.3(11)N1(1a)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "7.3(12)N1(1)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "7.3(13)N1(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "7.3(14)N1(1)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.4(3)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "Insufficient Compartmentalization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:37:27.149Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"name": "Cisco NX-OS Security with Python",
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"source": {
"advisory": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"defects": [
"CSCwh77780"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Python Parser Escape Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20285",
"datePublished": "2024-08-28T16:37:27.149Z",
"dateReserved": "2023-11-08T15:08:07.626Z",
"dateUpdated": "2024-08-28T17:19:57.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0293
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104520 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104520",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104520"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0293",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:16.060197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:28.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "104520",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104520"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104520"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0293",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:28.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1730
Vulnerability from cvelistv5
Published
2019-05-15 16:50
Modified
2024-11-21 19:30
Severity ?
EPSS score ?
Summary
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108397 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass"
},
{
"name": "108397",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108397"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1730",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:58:38.466792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:30:45.299Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-21T13:06:05",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass"
},
{
"name": "108397",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108397"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-bash-bypass",
"defect": [
[
"CSCvh76090",
"CSCvj01472",
"CSCvj01497"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1730",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass"
},
{
"name": "108397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108397"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-bash-bypass",
"defect": [
[
"CSCvh76090",
"CSCvj01472",
"CSCvj01497"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1730",
"datePublished": "2019-05-15T16:50:43.974976Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:30:45.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1804
Vulnerability from cvelistv5
Published
2019-05-03 16:25
Modified
2024-11-19 19:08
Severity ?
EPSS score ?
Summary
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:21:20.927627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:08:10.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-03T16:25:31",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey"
}
],
"source": {
"advisory": "cisco-sa-20190501-nexus9k-sshkey",
"defect": [
[
"CSCvo80686"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-01T16:00:00-0700",
"ID": "CVE-2019-1804",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey"
}
]
},
"source": {
"advisory": "cisco-sa-20190501-nexus9k-sshkey",
"defect": [
[
"CSCvo80686"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1804",
"datePublished": "2019-05-03T16:25:32.005358Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:08:10.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3415
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3415",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:18:14.256789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:10:14.077Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:23",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS"
}
],
"source": {
"advisory": "cisco-sa-nxos-dme-rce-cbE3nhZS",
"defect": [
[
"CSCvr89315",
"CSCvs10167"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3415",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-dme-rce-cbE3nhZS",
"defect": [
[
"CSCvr89315",
"CSCvs10167"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3415",
"datePublished": "2020-08-27T15:40:23.899583Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:10:14.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4324
Vulnerability from cvelistv5
Published
2015-08-19 15:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1033327 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/76372 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40470 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033327",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033327"
},
{
"name": "76372",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76372"
},
{
"name": "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1033327",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033327"
},
{
"name": "76372",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76372"
},
{
"name": "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033327",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033327"
},
{
"name": "76372",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76372"
},
{
"name": "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4324",
"datePublished": "2015-08-19T15:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1967
Vulnerability from cvelistv5
Published
2019-08-29 21:45
Modified
2024-11-19 18:58
Severity ?
EPSS score ?
Summary
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(2) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:51.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190828 Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1967",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:23:18.708362Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:58:07.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-29T21:45:15",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190828 Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos"
}
],
"source": {
"advisory": "cisco-sa-20190828-nxos-ntp-dos",
"defect": [
[
"CSCvm35740",
"CSCvm51138",
"CSCvm51139",
"CSCvm51142"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-28T16:00:00-0700",
"ID": "CVE-2019-1967",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(2)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190828 Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190828-nxos-ntp-dos",
"defect": [
[
"CSCvm35740",
"CSCvm51138",
"CSCvm51139",
"CSCvm51142"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1967",
"datePublished": "2019-08-29T21:45:15.166469Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T18:58:07.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1361
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:38
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T19:56:03.272438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:38:40.489Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:41",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2"
}
],
"source": {
"advisory": "cisco-sa-3000-9000-fileaction-QtLzDRy2",
"defect": [
[
"CSCvw89875"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1361",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2"
}
]
},
"source": {
"advisory": "cisco-sa-3000-9000-fileaction-QtLzDRy2",
"defect": [
[
"CSCvw89875"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1361",
"datePublished": "2021-02-24T19:30:41.350830Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:38:40.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12662
Vulnerability from cvelistv5
Published
2019-09-25 20:16
Modified
2024-11-20 17:09
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software 6.0(2)A1(1) |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12662",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:51:46.149868Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:09:50.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software 6.0(2)A1(1)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T20:16:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"
}
],
"source": {
"advisory": "cisco-sa-20190925-vman",
"defect": [
[
"CSCve53538",
"CSCve93259",
"CSCvg14195"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-09-25T16:00:00-0700",
"ID": "CVE-2019-12662",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software 6.0(2)A1(1)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"
}
]
},
"source": {
"advisory": "cisco-sa-20190925-vman",
"defect": [
[
"CSCve53538",
"CSCve93259",
"CSCvg14195"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12662",
"datePublished": "2019-09-25T20:16:01.772896Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-20T17:09:50.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0301
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:01
Severity ?
EPSS score ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authentication module of the NX-API subsystem. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS packet to the management interface of an affected system with the NX-API feature enabled. An exploit could allow the attacker to execute arbitrary code as root. Note: NX-API is disabled by default. This vulnerability affects: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd45804, CSCve02322, CSCve02412.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104512 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104512"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0301",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:45:41.511877Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:01:59.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authentication module of the NX-API subsystem. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS packet to the management interface of an affected system with the NX-API feature enabled. An exploit could allow the attacker to execute arbitrary code as root. Note: NX-API is disabled by default. This vulnerability affects: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd45804, CSCve02322, CSCve02412."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "104512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104512"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authentication module of the NX-API subsystem. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS packet to the management interface of an affected system with the NX-API feature enabled. An exploit could allow the attacker to execute arbitrary code as root. Note: NX-API is disabled by default. This vulnerability affects: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd45804, CSCve02322, CSCve02412."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104512"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0301",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:01:59.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-10136
Vulnerability from cvelistv5
Published
2020-06-02 08:35
Modified
2024-09-17 00:56
Severity ?
EPSS score ?
Summary
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | IETF | RFC2003 - IP Encapsulation within IP |
Version: STD 1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:57.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#636397",
"tags": [
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/636397/"
},
{
"tags": [
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.digi.com/resources/security"
},
{
"name": "VU#636397",
"tags": [
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/636397"
},
{
"name": "Security Concerns with IP Tunneling",
"tags": [
"x_transferred"
],
"url": "https://datatracker.ietf.org/doc/html/rfc6169"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RFC2003 - IP Encapsulation within IP",
"vendor": "IETF",
"versions": [
{
"status": "affected",
"version": "STD 1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Yannay Livneh for reporting this issue."
}
],
"datePublic": "2020-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T21:10:04.191Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#636397",
"url": "https://kb.cert.org/vuls/id/636397/"
},
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4"
},
{
"url": "https://www.digi.com/resources/security"
},
{
"name": "VU#636397",
"url": "https://www.kb.cert.org/vuls/id/636397"
},
{
"name": "Security Concerns with IP Tunneling",
"url": "https://datatracker.ietf.org/doc/html/rfc6169"
}
],
"solutions": [
{
"lang": "en",
"value": "Customers should apply the latest patch provided by the affected vendor that addresses this issue and prevents unspecified IP-in-IP packets from being processed. Devices manufacturers are urged to disable IP-in-IP in their default configuration and require their customers to explicitly configure IP-in-IP as and when needed."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic",
"workarounds": [
{
"lang": "en",
"value": "Users can block IP-in-IP packets by filtering IP protocol number 4. Note this filtering is for the IPv4 Protocol (or IPv6 Next Header) field value of 4 and not IP protocol version 4 (IPv4)."
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2020-10136",
"datePublished": "2020-06-02T08:35:12.921954Z",
"dateReserved": "2020-03-05T00:00:00",
"dateUpdated": "2024-09-17T00:56:11.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1977
Vulnerability from cvelistv5
Published
2019-08-29 21:50
Modified
2024-11-21 19:15
Severity ?
EPSS score ?
Summary
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Nexus 9000 Series Fabric Switches in ACI |
Version: unspecified < 12.2(4M) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:51.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190828 Cisco Nexus 9000 Series Fabric Switches ACI Mode Border Leaf Endpoint Learning Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:57:07.380958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:15:02.726Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Nexus 9000 Series Fabric Switches in ACI",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.2(4M)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-371",
"description": "CWE-371",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-29T21:50:14",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190828 Cisco Nexus 9000 Series Fabric Switches ACI Mode Border Leaf Endpoint Learning Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos"
}
],
"source": {
"advisory": "cisco-sa-20190828-nexus-aci-dos",
"defect": [
[
"CSCvi11291"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Border Leaf Endpoint Learning Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-28T16:00:00-0700",
"ID": "CVE-2019-1977",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Border Leaf Endpoint Learning Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Nexus 9000 Series Fabric Switches in ACI",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.2(4M)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-371"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190828 Cisco Nexus 9000 Series Fabric Switches ACI Mode Border Leaf Endpoint Learning Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190828-nexus-aci-dos",
"defect": [
[
"CSCvi11291"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1977",
"datePublished": "2019-08-29T21:50:14.241461Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:15:02.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1769
Vulnerability from cvelistv5
Published
2019-05-15 19:20
Modified
2024-11-20 17:21
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system of an attached line card with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108393 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769"
},
{
"name": "108393",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108393"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:57.272461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:21:59.855Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system of an attached line card with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-21T09:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769"
},
{
"name": "108393",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108393"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-linecardinj-1769",
"defect": [
[
"CSCvh20032",
"CSCvj00299"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Line Card Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1769",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Line Card Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system of an attached line card with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769"
},
{
"name": "108393",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108393"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-linecardinj-1769",
"defect": [
[
"CSCvh20032",
"CSCvj00299"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1769",
"datePublished": "2019-05-15T19:20:25.137561Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:21:59.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0330
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:00
Severity ?
EPSS score ?
Summary
A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:11.599117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:00:23.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0330",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:00:23.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1968
Vulnerability from cvelistv5
Published
2019-08-29 21:50
Modified
2024-11-19 18:57
Severity ?
EPSS score ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software 6.0(2)A4(1) |
Version: unspecified < 8.3(2) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:52.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1968",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:23:15.309150Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:57:48.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software 6.0(2)A4(1)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-29T21:50:25",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"
}
],
"source": {
"advisory": "cisco-sa-20190828-nxos-api-dos",
"defect": [
[
"CSCvn26502",
"CSCvn31273",
"CSCvn57900"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software NX-API Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-28T16:00:00-0700",
"ID": "CVE-2019-1968",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software NX-API Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software 6.0(2)A4(1)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(2)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190828-nxos-api-dos",
"defect": [
[
"CSCvn26502",
"CSCvn31273",
"CSCvn57900"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1968",
"datePublished": "2019-08-29T21:50:25.458591Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T18:57:48.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4213
Vulnerability from cvelistv5
Published
2015-06-24 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032712 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75378 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39469 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:11.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032712",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032712"
},
{
"name": "75378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75378"
},
{
"name": "20150623 Cisco Nexus 9000 Series Software Password Exposure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032712",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032712"
},
{
"name": "75378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75378"
},
{
"name": "20150623 Cisco Nexus 9000 Series Software Password Exposure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032712",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032712"
},
{
"name": "75378",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75378"
},
{
"name": "20150623 Cisco Nexus 9000 Series Software Password Exposure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4213",
"datePublished": "2015-06-24T10:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:11.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0310
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:45:33.591091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:57:46.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco FXOS and NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco FXOS and NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco FXOS and NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco FXOS and NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0310",
"datePublished": "2018-06-21T11:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:57:46.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1588
Vulnerability from cvelistv5
Published
2021-08-25 19:11
Modified
2024-11-07 22:02
Severity ?
EPSS score ?
Summary
A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:54:25.820055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:02:19.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:11:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM"
}
],
"source": {
"advisory": "cisco-sa-nxos-mpls-oam-dos-sGO9x5GM",
"defect": [
[
"CSCvx48078",
"CSCvx66765"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1588",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-mpls-oam-dos-sGO9x5GM",
"defect": [
[
"CSCvx48078",
"CSCvx66765"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1588",
"datePublished": "2021-08-25T19:11:13.438325Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:02:19.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0292
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0292",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:22.336104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:37.165Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0292",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:37.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6295
Vulnerability from cvelistv5
Published
2015-09-20 14:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40990 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033611 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:15:13.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"
},
{
"name": "1033611",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033611"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"
},
{
"name": "1033611",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033611"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"
},
{
"name": "1033611",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033611"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6295",
"datePublished": "2015-09-20T14:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:15:13.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3165
Vulnerability from cvelistv5
Published
2020-02-26 16:45
Modified
2024-11-15 17:39
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: 9.2(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200226 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:22:24.323433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:39:00.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.2(1)"
}
]
}
],
"datePublic": "2020-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system\u0026rsquo;s trusted network."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-26T16:45:18",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200226 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5"
}
],
"source": {
"advisory": "cisco-sa-20200226-nxos-bgpmd5",
"defect": [
[
"CSCvq72707"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-02-26T16:00:00-0800",
"ID": "CVE-2020-3165",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_value": "9.2(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system\u0026rsquo;s trusted network."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.2",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200226 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5"
}
]
},
"source": {
"advisory": "cisco-sa-20200226-nxos-bgpmd5",
"defect": [
[
"CSCvq72707"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3165",
"datePublished": "2020-02-26T16:45:18.681531Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:39:00.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0294
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0294",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:42:14.413008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:18.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco FXOS and NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco FXOS and NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco FXOS and NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco FXOS and NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0294",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:18.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3394
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200826 Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3394",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:18:12.987319Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:09:48.378Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T15:40:38",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200826 Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC"
}
],
"source": {
"advisory": "cisco-sa-n3n9k-priv-escal-3QhXJBC",
"defect": [
[
"CSCvt77885"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-26T16:00:00",
"ID": "CVE-2020-3394",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200826 Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC"
}
]
},
"source": {
"advisory": "cisco-sa-n3n9k-priv-escal-3QhXJBC",
"defect": [
[
"CSCvt77885"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3394",
"datePublished": "2020-08-27T15:40:38.740636Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:09:48.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0295
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:43:43.333193Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:02:09.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco NX-OS unknown"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim\u0027s BGP network. This would require obtaining information about the BGP peers in the affected system\u0027s trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-23T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp"
},
{
"name": "1041169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS unknown",
"version": {
"version_data": [
{
"version_value": "Cisco NX-OS unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim\u0027s BGP network. This would require obtaining information about the BGP peers in the affected system\u0027s trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp"
},
{
"name": "1041169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0295",
"datePublished": "2018-06-20T21:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:02:09.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1690
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107317 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Version: unspecified < 4.2(0.21c) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:41.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"name": "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:59.996279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:42:40.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "4.2(0.21c)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-12T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "107317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"name": "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
],
"source": {
"advisory": "cisco-sa-20190306-apic-ipv6",
"defect": [
[
"CSCvn09855"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID": "CVE-2019-1690",
"STATE": "PUBLIC",
"TITLE": "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Application Policy Infrastructure Controller (APIC)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "4.2(0.21c)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.3",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107317"
},
{
"name": "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-apic-ipv6",
"defect": [
[
"CSCvn09855"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1690",
"datePublished": "2019-03-11T22:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:42:40.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4277
Vulnerability from cvelistv5
Published
2015-08-19 18:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39939 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033259 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150811 Cisco ASR 9000 Series Aggregation Services Routers tmp Files Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939"
},
{
"name": "1033259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033259"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-20T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150811 Cisco ASR 9000 Series Aggregation Services Routers tmp Files Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939"
},
{
"name": "1033259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033259"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150811 Cisco ASR 9000 Series Aggregation Services Routers tmp Files Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939"
},
{
"name": "1033259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033259"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4277",
"datePublished": "2015-08-19T18:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1583
Vulnerability from cvelistv5
Published
2021-08-25 19:10
Modified
2024-11-07 22:02
Severity ?
EPSS score ?
Summary
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1583",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:54.721873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:02:44.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:10:48",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7"
}
],
"source": {
"advisory": "cisco-sa-naci-afr-UtjfO2D7",
"defect": [
[
"CSCvy05010"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1583",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.4",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7"
}
]
},
"source": {
"advisory": "cisco-sa-naci-afr-UtjfO2D7",
"defect": [
[
"CSCvy05010"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1583",
"datePublished": "2021-08-25T19:10:48.311346Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:02:44.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1781
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.734Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"name": "108407",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108407"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:44.395123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:20:46.849Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-22T13:06:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"name": "108407",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108407"
}
],
"source": {
"advisory": "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782",
"defect": [
[
"CSCvh20027",
"CSCvh20389",
"CSCvi01445",
"CSCvi01448",
"CSCvi91985",
"CSCvi92126",
"CSCvi92128",
"CSCvi92129",
"CSCvi92130",
"CSCvi96522",
"CSCvi96524",
"CSCvi96525",
"CSCvi96526",
"CSCvi96527"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1781",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"name": "108407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108407"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782",
"defect": [
[
"CSCvh20027",
"CSCvh20389",
"CSCvi01445",
"CSCvi01448",
"CSCvi91985",
"CSCvi92126",
"CSCvi92128",
"CSCvi92129",
"CSCvi92130",
"CSCvi96522",
"CSCvi96524",
"CSCvi96525",
"CSCvi96526",
"CSCvi96527"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1781",
"datePublished": "2019-05-15T19:45:27.562921Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:20:46.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1231
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:38
Severity ?
EPSS score ?
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:48:27.423914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:38:56.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T19:30:36",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj"
}
],
"source": {
"advisory": "cisco-sa-apic-lldap-dos-WerV9CFj",
"defect": [
[
"CSCvu84570"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-02-24T16:00:00",
"ID": "CVE-2021-1231",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj"
}
]
},
"source": {
"advisory": "cisco-sa-apic-lldap-dos-WerV9CFj",
"defect": [
[
"CSCvu84570"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1231",
"datePublished": "2021-02-24T19:30:36.992019Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:38:56.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1523
Vulnerability from cvelistv5
Published
2021-08-25 19:10
Modified
2024-11-07 22:03
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-queue-wedge-cLDDEfKF | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-queue-wedge-cLDDEfKF"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1523",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:54:29.770788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:03:29.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:10:10",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-queue-wedge-cLDDEfKF"
}
],
"source": {
"advisory": "cisco-sa-n9kaci-queue-wedge-cLDDEfKF",
"defect": [
[
"CSCvx14142"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1523",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-772"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-queue-wedge-cLDDEfKF"
}
]
},
"source": {
"advisory": "cisco-sa-n9kaci-queue-wedge-cLDDEfKF",
"defect": [
[
"CSCvx14142"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1523",
"datePublished": "2021-08-25T19:10:10.198266Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:03:29.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1587
Vulnerability from cvelistv5
Published
2019-05-03 14:45
Modified
2024-11-21 19:36
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerability occurs because the affected software does not properly validate user-supplied input. An attacker could exploit this vulnerability by issuing certain commands with filtered query results on the device. This action may cause returned messages to display confidential system information. A successful exploit could allow the attacker to read sensitive information on the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-filter-query | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Version: unspecified < 4.2(0.33c) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Query Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-filter-query"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:08.475465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:36:31.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "4.2(0.33c)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerability occurs because the affected software does not properly validate user-supplied input. An attacker could exploit this vulnerability by issuing certain commands with filtered query results on the device. This action may cause returned messages to display confidential system information. A successful exploit could allow the attacker to read sensitive information on the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-03T14:45:15",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Query Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-filter-query"
}
],
"source": {
"advisory": "cisco-sa-20190501-aci-filter-query",
"defect": [
[
"CSCvn09825"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Query Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-01T16:00:00-0700",
"ID": "CVE-2019-1587",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Query Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Application Policy Infrastructure Controller (APIC)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "4.2(0.33c)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerability occurs because the affected software does not properly validate user-supplied input. An attacker could exploit this vulnerability by issuing certain commands with filtered query results on the device. This action may cause returned messages to display confidential system information. A successful exploit could allow the attacker to read sensitive information on the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.3",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Query Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-filter-query"
}
]
},
"source": {
"advisory": "cisco-sa-20190501-aci-filter-query",
"defect": [
[
"CSCvn09825"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1587",
"datePublished": "2019-05-03T14:45:15.900409Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:36:31.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12717
Vulnerability from cvelistv5
Published
2019-09-25 20:16
Modified
2024-11-20 17:09
Severity ?
EPSS score ?
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software 5.0(3)A1(1) |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:53.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190925 Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:51:39.940430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:09:14.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software 5.0(3)A1(1)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T20:16:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190925 Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj"
}
],
"source": {
"advisory": "cisco-sa-20190925-nxos-vman-cmd-inj",
"defect": [
[
"CSCvk76030",
"CSCvo19193"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-09-25T16:00:00-0700",
"ID": "CVE-2019-12717",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software 5.0(3)A1(1)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190925 Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj"
}
]
},
"source": {
"advisory": "cisco-sa-20190925-nxos-vman-cmd-inj",
"defect": [
[
"CSCvk76030",
"CSCvo19193"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12717",
"datePublished": "2019-09-25T20:16:02.660912Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-20T17:09:14.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1779
Vulnerability from cvelistv5
Published
2019-05-15 19:40
Modified
2024-11-21 19:26
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108394 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779"
},
{
"name": "108394",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108394"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:58:34.645310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:26:22.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-21T17:06:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779"
},
{
"name": "108394",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108394"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-fxos-cmdinj-1779",
"defect": [
[
"CSCve51688",
"CSCvh76126",
"CSCvj00412",
"CSCvj00416",
"CSCvj00418"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1779",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.2",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779"
},
{
"name": "108394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108394"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-fxos-cmdinj-1779",
"defect": [
[
"CSCve51688",
"CSCvh76126",
"CSCvj00412",
"CSCvj00416",
"CSCvj00418"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1779",
"datePublished": "2019-05-15T19:40:16.540228Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:26:22.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4323
Vulnerability from cvelistv5
Published
2015-08-19 23:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/76367 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1033321 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40469 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "76367",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76367"
},
{
"name": "1033321",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033321"
},
{
"name": "20150814 Cisco Nexus Operating System Address Resolution Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-19T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "76367",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76367"
},
{
"name": "1033321",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033321"
},
{
"name": "20150814 Cisco Nexus Operating System Address Resolution Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "76367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76367"
},
{
"name": "1033321",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033321"
},
{
"name": "20150814 Cisco Nexus Operating System Address Resolution Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4323",
"datePublished": "2015-08-19T23:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-05-16 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108392 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108392 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86770ECC-BC1D-42BC-A65B-FCE598491BEE",
"versionEndExcluding": "8.1\\(1b\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10C9143-9E1F-4DA3-924B-68D48B4F2D37",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30E29EEC-FA0C-4DCE-A4A1-6CD66180AC36",
"versionEndExcluding": "2.3.1.130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E1360A-E239-424C-BDB2-5A40B852F282",
"versionEndExcluding": "2.4.1.122",
"versionStartIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de los programas Cisco FXOS y Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con credenciales de administrador ejecute comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado con privilegios elevados. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad. Las versiones de NX-OS anteriores a 8.3 (1) est\u00e1n afectadas. Las versiones de NX-OS anteriores a 8.3 (1) est\u00e1n afectadas."
}
],
"id": "CVE-2019-1780",
"lastModified": "2024-11-21T04:37:21.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T17:29:01.277",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108392"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-19 23:59
Modified
2024-11-21 02:30
Severity ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.2\(14\)s1 | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 6.0\(2\)u5\(1.41\) | |
| cisco | nx-os | 7.0\(3\)i2\(0.373\) | |
| cisco | nx-os | 7.3\(0\)zn\(0.83\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_31128pq | * | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 7.3\(0\)zn\(0.9\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | mds_9000_nx-os | 6.2\(13\) | |
| cisco | mds_9000_nx-os | 7.1\(0\)zn\(91.99\) | |
| cisco | nx-os | 7.3\(0\)zn\(0.9\) | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | 4.1\(2\)e1\(1b\) | |
| cisco | nexus_4001i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8505B4-61A1-4E98-8E13-9F8BAF825E42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1.41\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CFA09E0-9FA2-4E21-B285-CC64495461B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(0.373\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDBECEDD-FFEA-4720-822F-3132CB914DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.83\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF357599-3FB1-4B4F-9E79-74E0BFC9F35B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E262B017-866F-4C82-895B-F92B8D49E469",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8645B1E7-8044-4311-B2AB-7820DC723313",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:mds_9000_nx-os:6.2\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BCB4D609-7FE0-4F40-AFA1-958352D912DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:mds_9000_nx-os:7.1\\(0\\)zn\\(91.99\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06801F10-A29A-4CA0-918F-4E3CA550DCE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8645B1E7-8044-4311-B2AB-7820DC723313",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75364901-EF60-471D-9119-63835F6BF139",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC852D6C-720F-48AC-BB5B-7E514FD9D2E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de buffer en Cisco NX-OS en dispositivos Nexus 1000V para VMware vSphere 7.3(0)ZN(0.9); dispositivos Nexus 3000 6.0(2)U5(1.41), 7.0(3)I2(0.373) y 7.3(0)ZN(0.83); dispositivos Nexus 4000 4.1(2)E1(1b); dispositivos Nexus 7000 6.2(14)S1; dispositivos Nexus 9000 7.3(0)ZN(0.9) y dispositivos MDS 9000 6.2 (13) y 7.1(0)ZN(91.99) y MDS SAN-OS 7.1(0)ZN(91.99), permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n del dispositivo) a trav\u00e9s de un paquete ARP manipulado, relacionado con la validaci\u00f3n incorrecta de MTU, tambi\u00e9n conocido como Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358 y CSCuv61366."
}
],
"id": "CVE-2015-4323",
"lastModified": "2024-11-21T02:30:49.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-19T23:59:02.590",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/76367"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1033321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/76367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033321"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6004E45-878B-4034-AD67-8D2CCB01E9B6",
"versionEndExcluding": "8.1\\(2\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34CF5006-23A1-4B93-8AC6-D97ABB0C2F15",
"versionEndExcluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF419AC-58CA-44DD-A036-F85AC8A7FC35",
"versionEndExcluding": "7.0\\(3\\)i6\\(2\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim\u0027s BGP network. This would require obtaining information about the BGP peers in the affected system\u0027s trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n BGP (Border Gateway Protocol) en el software Cisco NX-OS podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) debido a que el dispositivo se recarga inesperadamente. Esta vulnerabilidad se debe a la validaci\u00f3n de entrada incompleta de los mensajes de actualizaci\u00f3n de BGP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje de actualizaci\u00f3n de BGP manipulado al dispositivo objetivo. Su explotaci\u00f3n podr\u00eda permitir que el atacante provoque el reinicio inesperado del switch. La implementaci\u00f3n de Cisco del protocolo BGP solo acepta el tr\u00e1fico BGP entrante desde peers definidos de forma expl\u00edcita. Para explotar esta vulnerabilidad, un atacante debe ser capaz de enviar paquetes maliciosos por una conexi\u00f3n TCP que parece provenir de un peer BGP de confianza o inyectar mensajes mal formados en la red BGP de la v\u00edctima. Esto requerir\u00eda la obtenci\u00f3n de informaci\u00f3n sobre los peers BGP en la red de confianza del sistema afectado. La vulnerabilidad podr\u00eda desencadenarse cuando el router recibe un mensaje BGP mal formado desde un peer o una sesi\u00f3n BGP existente. Debe establecerse, por lo menos, una sesi\u00f3n BGP vecina para que un router sea vulnerable. La vulnerabilidad afecta a Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI), Nexus 9000 Series Switches en modo NX-OS independiente y los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387."
}
],
"id": "CVE-2018-0295",
"lastModified": "2024-11-21T03:37:55.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.437",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-06 21:29
Modified
2024-11-21 04:36
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107312 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107312 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 8.3\(0\)sk\(0.39\) | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9500 | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | application_policy_infrastructure_controller_software | * | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9500 | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(0\\)sk\\(0.39\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39E9A017-225B-4FCB-A5AA-8CEA1435A1AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA33812-34D5-4A3D-95A4-D949DE9AC25E",
"versionEndIncluding": "4.0\\(1h\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)"
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de autorizaci\u00f3n de Cisco Nexus 9000 Series ACI Mode Switch Software puede permitir a un atacante local autenticado escalar usuarios est\u00e1ndares con privilegios root en un dispositivo afectado. La vulnerabilidad se debe a una mala configuraci\u00f3n de determinados archivos sudoers para el componente bashroot en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el dispositivo afectado con un ID de usuario manipulado, el cual podr\u00eda permitir el acceso del administrador temporal para escalar privilegios. Un exploit exitoso podr\u00eda permitir que el atacante escale sus privilegios en el dispositivo afectado. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 4.0(1h)."
}
],
"id": "CVE-2019-1585",
"lastModified": "2024-11-21T04:36:51.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-06T21:29:00.323",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107312"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-30 09:15
Modified
2024-11-21 04:37
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 12.3\(1h\) | |
| cisco | nx-os | 13.1\(2m\) | |
| cisco | nx-os | 13.1\(2o\) | |
| cisco | nx-os | 13.1\(2p\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "51A48073-7EB7-4954-8343-5C498681F25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "970718D9-4789-414B-8ED2-FBF914B4047C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C45D91E-5AA4-46B4-9A87-75480AC04732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "973B7EE9-6B18-4D1D-8DEE-3C43D0CEB89C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism."
},
{
"lang": "es",
"value": "Una vulnerabilidad dentro de la funcionalidad Endpoint Learning de Cisco Nexus 9000 Series Switches ejecut\u00e1ndose en el modo Application Centric Infrastructure (ACI), podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en dispositivo endpoint en determinadas circunstancias. La vulnerabilidad es debido al aprendizaje inapropiado del endpoint cuando los paquetes son recibidos en un puerto espec\u00edfico desde fuera de la estructura ACI y se destinan hacia un endpoint ubicado en el borde de una bifurcaci\u00f3n cuando se ha habilitado Disable Remote Endpoint Learning. Esto puede resultar en que se cree una entrada Remote (XR) para el endpoint afectado que se volver\u00e1 obsoleta si el endpoint migra a un puerto o switch de bifurcaci\u00f3n. Esto resulta en un tr\u00e1fico que no alcanza el endpoint afectado hasta que la entrada remota pueda ser reaprendida por otro mecanismo."
}
],
"id": "CVE-2019-1977",
"lastModified": "2024-11-21T04:37:48.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-30T09:15:20.553",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nexus-aci-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-371"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-371"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-12 14:59
Modified
2024-11-21 02:23
Severity ?
Summary
The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39280 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1032561 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1032562 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39280 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032561 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032562 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 4.1\(2\)e1\(1f\) | |
| cisco | nexus_4001i | - | |
| cisco | nx-os | 7.2\(0\)zn\(99.67\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_31128pq | * | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nexus_1000v | - | |
| cisco | mds_9000_nx-os | 6.2\(11\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC749257-E3FB-4831-8B50-CBB82A6AF162",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zn\\(99.67\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B09770FE-CD69-401E-8DC3-5DBBFB14B698",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E262B017-866F-4C82-895B-F92B8D49E469",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4750621F-E7C5-4E6A-BC5F-232E75A454E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57892CBB-8C95-4E56-90F8-B77BBBDC03FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E705638-8D0A-40D6-9A51-4FDB6C03F71E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:mds_9000_nx-os:6.2\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D75C2A6F-BB85-41D4-8ADF-6EAF1CD2091D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182."
},
{
"lang": "es",
"value": "La implementaci\u00f3n Banner (tambi\u00e9n conocida como MOTD) en Cisco NX-OS 4.1(2)E1(1f) en los dispositivos Nexus 4000, 5.2(1)SV3(2.1) en los dispositivos Nexus 1000V, 6.0(2)N2(2) en los dispositivos Nexus 5000, 6.2(11) en los dispositivos MDS 9000, 6.2(12) en los dispositivos Nexus 7000, 7.0(3) en los dispositivos Nexus 9000, y 7.2(0)ZN(99.67) en los dispositivos Nexus 3000 permite a atacantes remotos causar una denegaci\u00f3n de servicio (reconfiguraci\u00f3n del proceso de inicio de sesi\u00f3n) a trav\u00e9s de una solicitud de sesi\u00f3n de terminal no especificada durante el montaje de la sesi\u00f3n TELNET, tambi\u00e9n conocida como Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, y CSCuu77182."
}
],
"id": "CVE-2015-0775",
"lastModified": "2024-11-21T02:23:41.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-12T14:59:02.770",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032561"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032562"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-28 17:15
Modified
2024-10-17 15:03
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C26E0A3-7641-4DDF-9882-F04F297C8D07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8397775-5A75-4710-9044-B56E1CEE20A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "876304F4-4CE5-45B8-ADF5-2523319D05BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9C0219-7EDC-40FD-A66B-24A92993F692",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23DFF0E-725B-4CCB-96A3-378600513CC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C71319A9-5B95-410A-BDDB-C47639B8E464",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6487A95B-0D04-4ABA-B491-8A935694AFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018DEE0B-F3BC-4D3F-B2E4-2FF40203E65F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506B07C-EB3B-4034-A348-1EEAD09CC5E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "122E24C3-1411-46DA-92F1-635BC0784559",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E84307-41BC-4F85-BC9A-FF02178765F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A31452-5B60-4273-BA38-8FA684DED953",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FCA39-927B-4C89-A58B-E6859ED8176A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc2-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7543DCD-5ED0-4400-9326-9714AB84E012",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37DA56C5-FDD0-4CC3-9DDF-8F1BBE94B003",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B464B3-DE25-4980-ABC3-10D7C79C12E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "365A5FB4-3DCE-48D7-8917-636E94389576",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90DB9E2B-74F6-4C62-AEE1-3FF109A963EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961B0A51-15B4-45FF-BEAE-05667D76F418",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A29C323C-6731-4CDA-B364-C1C8B8E60510",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D100815-C171-46F4-B675-64E20D8C4FD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "214472EB-424C-48B7-8EF3-7B679A5042BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D5229B-AFB2-4B28-95BB-563DBC346982",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32D88D4-EABA-4A3A-B300-374AA89525E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD002B70-A630-4A5D-B63C-356AC7B8280C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0AC2DC-234F-48BA-BCC8-DE82C293C273",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "462BC5C0-61C9-4CC6-AF3F-7A366C98F2DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67F94470-7815-4ADD-9FF9-BD74BA46454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09F0CD1D-A71B-413B-9150-E462CA206BAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2788A2-79DC-4A28-BD88-52EC86697C99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5747442-90B1-4932-8189-A70B39E45843",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA21C9E7-30B9-4FC7-8031-2C27CE9C1AB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EED2E16-D0D7-4B53-A05F-595E120B1C25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E78D1F67-9BD7-467A-9D7A-37F54B3B51BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A181E6-0EE6-40F2-B04A-2C12DF67D278",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sc-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "159A9622-2240-46E6-BD4B-62D652422758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA01EFB-8458-42B9-81C9-35E1E02FF42F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360B9A25-5272-487A-AF1A-CE2FDFD6F23C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3291743D-1F0C-4A66-99F9-946196F5CB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADE8708-95D4-4D30-85ED-BE870410F3B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-16w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21686E9C-D51F-4016-BFF5-F076144C7CE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2BBE1C-4820-4A68-83F4-734E0DA4738B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-8d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC31E4-5C1B-4FD1-9F86-670BAEA47774",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97284yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F7DE85-9CD5-4A3D-859A-4B3479DACBF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3000_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0742F63F-1945-47AA-943C-14959B23C21C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C84D24C-2256-42AF-898A-221EBE9FE1E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E8456-A9BD-447B-8F33-4BEB052A82D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BC5903-1316-4FFF-BE52-2F6D63549590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4755F890-634B-4B25-AF08-C34F13429FA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3ph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D68E7FE-BD46-4245-8DEE-1AD32159E045",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2EC055-B309-4F1F-A646-FA47AE344D27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F59A4B-AE92-4533-8EDC-D1DD850309FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492A2C86-DD38-466B-9965-77629A73814F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB7AA46-4018-4925-963E-719E1037F759",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07B5399-44C7-468D-9D57-BB5B5E26CE50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E128053-834B-4DD5-A517-D14B4FC2B56F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "163743A1-09E7-4EC5-8ECA-79E4B9CE173B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C367BBE0-D71F-4CB5-B50E-72B033E73FE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E1D224-4751-4233-A127-A041068C804A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD31B075-01B1-429E-83F4-B999356A0EB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800_34-port_100g_and_14-port_400g_line_card:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D3B28C3-114D-41EE-8295-AFA9932C9EAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800_36-port_400g_line_card:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC134D3-9AA0-44A4-9CBD-410A3A9C5886",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000."
}
],
"id": "CVE-2024-20284",
"lastModified": "2024-10-17T15:03:07.253",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-28T17:15:06.893",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Product"
],
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-25 21:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0438A-0275-49B1-91BF-437917F3A4BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0\\)bd\\(0.20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F66360CD-CCCF-4DE7-86F1-996175B4503C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3016_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C91269-1657-4181-9B95-BDF85BFFFCD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3048_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF530AE3-F80B-40EC-9259-4771EEAD431D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E6A0BD-102F-40C6-BD9A-1986D6F58212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064-t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7A2723-6526-430C-BD39-9E32B1F37DBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108pc-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D71782-16F9-41C9-BC10-BC514FD26129",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108tc-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E769CD-8F81-40AE-A071-84FAF92AF5C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31128pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB914738-4557-4EC3-8A18-810862877C72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132c-z_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7A4072-9F8B-4374-9F8A-B660220765FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "092FC6ED-9F53-41FF-9E0F-997D84B6DE3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A288C8F3-AD77-46CC-BAD2-D8FC186D6CC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C735F2C0-DC4D-45DE-8BA9-439BAE5CFD67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3164q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7187F85E-FEBE-4D55-AC48-E92F05734169",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA0B58-FE79-4A33-B812-51CDE327A235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172pq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8030D5E-1BF4-485C-AFB7-B8DB48E0B91A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FB3414-3C5F-4827-B4F2-CF30EC31E0C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq-32t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45B4711C-322E-4B7B-8810-04BA8249B8BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE63209-E1F9-4933-8729-E350ADE42793",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3232c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C6AB3-480D-46F6-BE72-0B0010EC34CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3264c-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9329DC07-0B6F-467C-AAA0-527D97E956B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3264q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C944B9-9492-45AA-9A4E-9CD6C996AF4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3408-s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC2930-4A1A-4916-912F-953440AA009A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_34180yc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2125C9A-7524-408C-B92E-91162FD4D72F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_34200yc-sm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87F885B6-7049-4152-B74C-6444137B4662",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3432d-s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B24EC0B3-E3FC-4908-AC7E-2E3DE073DC06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3464c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FFFDC6-BE3D-4E2D-B6F2-FD191DE4F9B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "502C8ADB-7EF2-4AC5-ACF0-AEA1ADA7A6BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5FBF-F5DF-4788-8683-E328D86E8733",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "186CB256-39AE-4D5A-B3FB-891A17785176",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0DAE9A-F2D3-49C3-8488-A3A03C1CEB57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "029F0A5A-43E4-4F3A-98A3-81E924CBE700",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD53F341-AE7D-4E45-9746-DAC32FE9F570",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5548p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A80F37-C04C-43A5-AC12-E15BAB8545F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5548up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "725A7AC7-8B75-47BC-8D99-701250E0ABE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5596t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E8B8C6-29B2-402E-A722-1E95C01E14AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5596up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A39FB96C-94E1-4686-82A7-E0A6D88A5A08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_56128p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E154FCCB-A379-4384-8B72-7D373BFEEFE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5624q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2326C6-C523-4BE2-B577-D64091AB92CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5648q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060E7CD9-E906-437A-87B6-3AE0551E1DCB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5672up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAC471F-41AF-43A7-8661-DFA140DEC066",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5696q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA530485-D6C8-4D5A-87A2-547DA8E74722",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6001_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E00C558-9656-451C-A179-17B1762666C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6004_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A738F9-41CD-4A6A-8975-4C434FBCF55D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_10-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432F828F-1F41-4C7A-B1B2-ADDCC1F0EE5A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_18-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06B2FD68-C1DB-4AC6-B255-417C5D14D18B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_4-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "743ECD7B-DE3B-436C-BE6C-D5280719D970",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_9-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBBB6BF-92A3-48CB-A57C-7476C0355175",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_10-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317A834E-D1A8-47E0-ACEA-FA85984F8753",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_18-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76CCA110-974F-419A-A716-E90B9DB5375E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_2-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "148FAB7B-164C-458D-B287-61FC73C53D25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_6-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7EDE35C-3B05-4359-9336-915567A867EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el Software Cisco NX-OS y el Software Cisco IOS XE, podr\u00eda permitir que un atacante local autenticado con credenciales v\u00e1lidas de administrador o nivel de privilegio 15 cargue una imagen de servicio virtual y omita la comprobaci\u00f3n de firma en un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n de firma inapropiada durante la instalaci\u00f3n de una imagen de Open Virtual Appliance (OVA). Un atacante local autenticado podr\u00eda explotar esta vulnerabilidad y cargar una imagen OVA maliciosa y sin firmar en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante llevar a cabo la ejecuci\u00f3n de c\u00f3digo en una imagen OVA de software dise\u00f1ada."
}
],
"id": "CVE-2019-12662",
"lastModified": "2024-11-21T04:23:18.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-25T21:15:11.203",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(1\) | |
| cisco | nx-os | 6.0\(2\)a6\(1a\) | |
| cisco | nx-os | 6.0\(2\)a6\(2\) | |
| cisco | nx-os | 6.0\(2\)a6\(2a\) | |
| cisco | nx-os | 6.0\(2\)a6\(3\) | |
| cisco | nx-os | 6.0\(2\)a6\(3a\) | |
| cisco | nx-os | 6.0\(2\)a6\(4\) | |
| cisco | nx-os | 6.0\(2\)a6\(4a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5\) | |
| cisco | nx-os | 6.0\(2\)a6\(5a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5b\) | |
| cisco | nx-os | 6.0\(2\)a6\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(7\) | |
| cisco | nx-os | 6.0\(2\)a6\(8\) | |
| cisco | nx-os | 6.0\(2\)a7\(1\) | |
| cisco | nx-os | 6.0\(2\)a7\(1a\) | |
| cisco | nx-os | 6.0\(2\)a7\(2\) | |
| cisco | nx-os | 6.0\(2\)a7\(2a\) | |
| cisco | nx-os | 6.0\(2\)a8 | |
| cisco | nx-os | 6.0\(2\)a8\(1\) | |
| cisco | nx-os | 6.0\(2\)a8\(2\) | |
| cisco | nx-os | 6.0\(2\)a8\(3\) | |
| cisco | nx-os | 6.0\(2\)a8\(4\) | |
| cisco | nx-os | 6.0\(2\)a8\(4a\) | |
| cisco | nx-os | 6.0\(2\)a8\(5\) | |
| cisco | nx-os | 6.0\(2\)a8\(6\) | |
| cisco | nx-os | 6.0\(2\)a8\(6.213\) | |
| cisco | nx-os | 6.0\(2\)a8\(7\) | |
| cisco | nx-os | 6.0\(2\)a8\(7a\) | |
| cisco | nx-os | 6.0\(2\)a8\(7b\) | |
| cisco | nx-os | 6.0\(2\)a8\(8\) | |
| cisco | nx-os | 6.0\(2\)a8\(9\) | |
| cisco | nx-os | 6.0\(2\)a8\(9.7\) | |
| cisco | nx-os | 6.0\(2\)a8\(10\) | |
| cisco | nx-os | 6.0\(2\)a8\(10a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11\) | |
| cisco | nx-os | 6.0\(2\)a8\(11a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11b\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.0\(2\)u5\(2\) | |
| cisco | nx-os | 6.0\(2\)u5\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(4\) | |
| cisco | nx-os | 6.0\(2\)u6 | |
| cisco | nx-os | 6.0\(2\)u6\(0.46\) | |
| cisco | nx-os | 6.0\(2\)u6\(1\) | |
| cisco | nx-os | 6.0\(2\)u6\(1a\) | |
| cisco | nx-os | 6.0\(2\)u6\(2\) | |
| cisco | nx-os | 6.0\(2\)u6\(2a\) | |
| cisco | nx-os | 6.0\(2\)u6\(3\) | |
| cisco | nx-os | 6.0\(2\)u6\(3a\) | |
| cisco | nx-os | 6.0\(2\)u6\(4\) | |
| cisco | nx-os | 6.0\(2\)u6\(4a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5\) | |
| cisco | nx-os | 6.0\(2\)u6\(5a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5b\) | |
| cisco | nx-os | 6.0\(2\)u6\(5c\) | |
| cisco | nx-os | 6.0\(2\)u6\(6\) | |
| cisco | nx-os | 6.0\(2\)u6\(7\) | |
| cisco | nx-os | 6.0\(2\)u6\(8\) | |
| cisco | nx-os | 6.0\(2\)u6\(9\) | |
| cisco | nx-os | 6.0\(2\)u6\(10\) | |
| cisco | nx-os | 6.0\(2\)u6\(10a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(3\) | |
| cisco | nx-os | 6.2\(3n\) | |
| cisco | nx-os | 6.2\(5\) | |
| cisco | nx-os | 6.2\(5a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6a\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(7\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(11b\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\) | |
| cisco | nx-os | 6.2\(14a\) | |
| cisco | nx-os | 6.2\(14b\) | |
| cisco | nx-os | 6.2\(16\) | |
| cisco | nx-os | 6.2\(18\) | |
| cisco | nx-os | 6.2\(20\) | |
| cisco | nx-os | 6.2\(20a\) | |
| cisco | nx-os | 6.2\(22\) | |
| cisco | nx-os | 6.2\(24\) | |
| cisco | nx-os | 6.2\(25\) | |
| cisco | nx-os | 6.2\(27\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)f1 | |
| cisco | nx-os | 7.0\(3\)f2 | |
| cisco | nx-os | 7.0\(3\)f3 | |
| cisco | nx-os | 7.0\(3\)f3\(1\) | |
| cisco | nx-os | 7.0\(3\)f3\(2\) | |
| cisco | nx-os | 7.0\(3\)f3\(3\) | |
| cisco | nx-os | 7.0\(3\)f3\(3a\) | |
| cisco | nx-os | 7.0\(3\)f3\(3b\) | |
| cisco | nx-os | 7.0\(3\)f3\(3c\) | |
| cisco | nx-os | 7.0\(3\)f3\(4\) | |
| cisco | nx-os | 7.0\(3\)f3\(5\) | |
| cisco | nx-os | 7.0\(3\)i2\(1\) | |
| cisco | nx-os | 7.0\(3\)i2\(1a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2\) | |
| cisco | nx-os | 7.0\(3\)i2\(2a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2b\) | |
| cisco | nx-os | 7.0\(3\)i2\(2c\) | |
| cisco | nx-os | 7.0\(3\)i2\(2d\) | |
| cisco | nx-os | 7.0\(3\)i2\(2e\) | |
| cisco | nx-os | 7.0\(3\)i2\(2r\) | |
| cisco | nx-os | 7.0\(3\)i2\(2s\) | |
| cisco | nx-os | 7.0\(3\)i2\(2v\) | |
| cisco | nx-os | 7.0\(3\)i2\(2w\) | |
| cisco | nx-os | 7.0\(3\)i2\(2x\) | |
| cisco | nx-os | 7.0\(3\)i2\(2y\) | |
| cisco | nx-os | 7.0\(3\)i3\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1t\) | |
| cisco | nx-os | 7.0\(3\)i4\(2\) | |
| cisco | nx-os | 7.0\(3\)i4\(3\) | |
| cisco | nx-os | 7.0\(3\)i4\(4\) | |
| cisco | nx-os | 7.0\(3\)i4\(5\) | |
| cisco | nx-os | 7.0\(3\)i4\(6\) | |
| cisco | nx-os | 7.0\(3\)i4\(6t\) | |
| cisco | nx-os | 7.0\(3\)i4\(7\) | |
| cisco | nx-os | 7.0\(3\)i4\(8\) | |
| cisco | nx-os | 7.0\(3\)i4\(8a\) | |
| cisco | nx-os | 7.0\(3\)i4\(8b\) | |
| cisco | nx-os | 7.0\(3\)i4\(8z\) | |
| cisco | nx-os | 7.0\(3\)i4\(9\) | |
| cisco | nx-os | 7.0\(3\)i5 | |
| cisco | nx-os | 7.0\(3\)i5\(1\) | |
| cisco | nx-os | 7.0\(3\)i5\(2\) | |
| cisco | nx-os | 7.0\(3\)i5\(3\) | |
| cisco | nx-os | 7.0\(3\)i5\(3a\) | |
| cisco | nx-os | 7.0\(3\)i5\(3b\) | |
| cisco | nx-os | 7.0\(3\)i6\(1\) | |
| cisco | nx-os | 7.0\(3\)i6\(2\) | |
| cisco | nx-os | 7.0\(3\)i7 | |
| cisco | nx-os | 7.0\(3\)i7\(1\) | |
| cisco | nx-os | 7.0\(3\)i7\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(3\) | |
| cisco | nx-os | 7.0\(3\)i7\(3z\) | |
| cisco | nx-os | 7.0\(3\)i7\(4\) | |
| cisco | nx-os | 7.0\(3\)i7\(5\) | |
| cisco | nx-os | 7.0\(3\)i7\(5a\) | |
| cisco | nx-os | 7.0\(3\)i7\(6\) | |
| cisco | nx-os | 7.0\(3\)i7\(6z\) | |
| cisco | nx-os | 7.0\(3\)i7\(7\) | |
| cisco | nx-os | 7.0\(3\)i7\(8\) | |
| cisco | nx-os | 7.0\(3\)ia7\(1\) | |
| cisco | nx-os | 7.0\(3\)ia7\(2\) | |
| cisco | nx-os | 7.0\(3\)ic4\(4\) | |
| cisco | nx-os | 7.0\(3\)im3\(1\) | |
| cisco | nx-os | 7.0\(3\)im3\(2\) | |
| cisco | nx-os | 7.0\(3\)im3\(2a\) | |
| cisco | nx-os | 7.0\(3\)im3\(2b\) | |
| cisco | nx-os | 7.0\(3\)im3\(3\) | |
| cisco | nx-os | 7.0\(3\)im7\(2\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(0.1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(0\)n1\(1\) | |
| cisco | nx-os | 7.2\(1\)d\(1\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1b\) | |
| cisco | nx-os | 8.0\(1\) | |
| cisco | nx-os | 8.1\(1\) | |
| cisco | nx-os | 8.1\(1a\) | |
| cisco | nx-os | 8.1\(1b\) | |
| cisco | nx-os | 8.1\(2\) | |
| cisco | nx-os | 8.1\(2a\) | |
| cisco | nx-os | 8.2\(1\) | |
| cisco | nx-os | 8.2\(2\) | |
| cisco | nx-os | 8.2\(3\) | |
| cisco | nx-os | 8.2\(4\) | |
| cisco | nx-os | 8.2\(5\) | |
| cisco | nx-os | 8.3\(1\) | |
| cisco | nx-os | 8.3\(2\) | |
| cisco | nx-os | 8.4\(1\) | |
| cisco | nx-os | 8.4\(1a\) | |
| cisco | nx-os | 9.2\(1\) | |
| cisco | nx-os | 9.2\(2\) | |
| cisco | nx-os | 9.2\(2t\) | |
| cisco | nx-os | 9.2\(2v\) | |
| cisco | nx-os | 9.2\(3\) | |
| cisco | nx-os | 9.2\(3y\) | |
| cisco | nx-os | 9.3\(1\) | |
| cisco | nx-os | 9.3\(1z\) | |
| cisco | nx-os | 9.3\(2\) | |
| cisco | nx-os | 9.3\(3\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132c-z | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3132q-xl | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3172pq-xl | - | |
| cisco | nexus_3172tq | - | |
| cisco | nexus_3172tq-32t | - | |
| cisco | nexus_3172tq-xl | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264c-e | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3408-s | - | |
| cisco | nexus_34180yc | - | |
| cisco | nexus_3432d-s | - | |
| cisco | nexus_3464c | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548 | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nexus_36180yc-r | - | |
| cisco | nexus_3636c-r | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nexus_9000v | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6300 | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5581E60-8144-4630-9545-8DC0B7AD44A1",
"versionEndExcluding": "1.1.4.179",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA77B46-C30C-4427-9401-6500B6221ACE",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AECBA131-0D2F-466D-847B-60F72199C90E",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A7CA3B-47C2-4721-B8A9-14C2C02969E0",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF658ED7-F77C-405B-B06A-74B46FBDAD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7295EC54-FA19-4658-8510-3C072804D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B31E39D5-147B-4965-ACB6-34F1244143F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D672928-6AE8-488B-A2A5-257074BAB2D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E64D8992-CA79-4ADF-BF3B-A76E944EC740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11A35378-54EB-422F-B0DD-211B214803D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E46D326-665C-4DB7-89A0-0F1B987D4A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73B9FE4E-0C82-4511-9A4A-DCBFEB93DE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BB8F0200-7BCA-49E9-98E0-D825630D77FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61FCA143-FDAB-472D-B9E1-F7CB4041BBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61F736DD-44FE-4A20-AF89-4B29725608A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8844860D-427F-4B01-980A-59B082F26034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CCA96B43-0793-4784-A971-DD442EBFF6BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B13305C9-008F-488A-ADC7-0724AFB313DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50DFAF49-0688-4A5A-9023-E2543164D89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46376F5C-2CF0-46F1-ADCF-870065A24D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5EB6C0E3-9B92-4768-93BB-8B8626EB164A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4EA572E-5F4F-45F1-B7A1-346F723C2BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6EA3CBB-EAF7-4837-96AF-0258220C4A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E6FB730-84CD-496D-9140-BC9375548D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD712B88-298A-4488-A053-67CB45190F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4ED5F397-D3E6-4A4A-BF38-6B295A6AB9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11D98EBD-9D82-492E-A3A6-62D95404D5C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56D91C38-76AB-47F5-BDDE-E940D87C34F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF78015A-5C28-4FD2-915E-EC343201A9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCBF1FE-C124-4DBA-B127-D484D5C9110C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31308B18-062C-4DB8-9241-F15661C06398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED17D340-9C18-4B1E-BA15-CAE2ADAAD38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "310856A9-CA62-4C1A-A4C9-B6EECC36F496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D295366-662E-4C8E-9758-3DB801E0ABA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F09360A9-3FB1-465F-977E-643942D01FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A97A6BE-A27A-4D53-AB63-2A2631F20EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F034BF4-31E6-46FB-B082-EA22FFE51AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6.213\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17B9D603-75C0-4241-BD4B-3C891A2C5BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "063BB311-EC8D-43E5-9B9D-56C96121EB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "003AAC03-306E-4D12-B4C7-7ECA4ED88884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DAA33-3841-4C14-A137-93E1810CC866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ACD5B480-2780-48EB-B361-4EF4833D97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0500999-E48F-4FE1-9B92-C1E179651CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98CFE9BB-7BFE-4782-B602-2C6A1392693F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "629488D4-D8A4-4152-A4D3-E951F199C6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D8F0A63-8229-46E8-94A6-CDBB1E8F91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FAD3C773-0B71-4FF2-9DCD-2875CFDE3308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B07F6A0D-82C3-4C2C-9715-3D07083E6F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03901678-2CCB-4ED5-AF04-D8469BF12804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA600413-FC70-4776-99DF-180C96D4FD24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ECC9066F-3082-48A0-BA52-9ED9420EA47A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "78611E25-E33E-4C88-A681-97B5A2A01B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "780B04ED-412E-441F-8717-D8F9257F5699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD2AABBD-8680-4615-A4E2-B607CB1B0979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "693F444B-FA34-489C-BB45-E9185DE47816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13669043-3F12-4439-812F-6DE35F70B159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58A8BDE0-2F73-4E0C-B73A-918DB3352067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "625BE6B1-12A7-4A8A-A816-E82C026E0457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC2920-462B-44F0-8E93-7875C2F74592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35957A41-D8F2-4BC1-986B-C3E271327D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10BFAE68-01C5-4EF8-8B86-F470092E9034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D02FC11-EB21-45CD-A070-89C4862240BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C67AE59-380A-402B-9B2A-F595E001637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4301927C-7A6D-4DA9-9470-9182E7FB234A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C71ED401-6786-4AAE-A98F-BE4732256A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B5EC76-A4A7-41C0-9F37-5EC85FD1EB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "66BC7FC9-1167-41C5-9B0E-7D68400F3C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6EB46CC-2939-4326-8CB9-504D7C7EF05E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CDB1D59-C964-4D30-B55E-08E68562300C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(0.46\\):*:*:*:*:*:*:*",
"matchCriteriaId": "62C7EA58-2F17-41B2-8955-CADE8B7D2FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8845147E-D3B1-41B9-BBD2-77B2823F3AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F7B2F23-F532-40D2-884E-D86785B33296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1FC4F349-9E1C-4DD8-BC07-6CB67053BCDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D498C133-AA11-49C4-B065-F27CE776D318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08032AAC-F094-4717-A56F-89289FBD1F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5ADD4D3-206C-4609-AB2A-F6945D56627B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07645F73-AC79-4BB8-A98E-1740F7D6EC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9DC56869-4665-49D1-89F2-8ED97727BD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "147D1A4A-6404-47E3-B1A6-4C001C8DD9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1162691A-6C92-448A-8F1B-2DEFB623F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57524BA3-CF08-4F0F-95C9-F1417B4B83E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0E214C2-24CF-43EC-BC27-2E6AA77254DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB0D74A0-C4B2-46EC-A9FF-562A997E3150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "817A45B4-7C79-4D1A-B889-18A937CF8361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "155F3CB7-A85B-4897-A4E2-F485FDF44AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9D34CAB5-0832-45B1-B13F-49B763AFB74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C0DB182-F37A-4230-BD6F-461C3195FAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "065A0E6C-E0BD-4BD1-97EB-723EC4BDFA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2FDE8EF9-47CF-451D-9570-3D369D74D44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "55A760CE-5E63-4A6B-8DA3-A473BC3900E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C857C0F-B023-4CF7-9916-6735C40425F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD503699-A02E-4A62-827F-0906C94448EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D4C558C0-ECA4-408D-A5DF-2A175E48EAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C4947F0C-B1F5-4BA0-A6F0-F08C25554E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E738E86-B75F-48BF-9E76-C7DD470F3688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11E66F3E-9482-4F30-8480-F036F3C68B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68C6090F-0B05-46F0-8A67-928FE1C36D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07863B2B-D780-4641-BADE-A5AFFAD95E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FBD345BD-83EF-4913-A0F3-74E52AD76BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46B2B97B-DDB7-4208-BF1A-D10C8A075A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED7B1216-4C4F-4A23-9474-23876649ABF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57892CBB-8C95-4E56-90F8-B77BBBDC03FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A555382D-9D35-4931-B3B0-DD4D956AB7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "65CCE422-71DB-4500-AC91-9FB4DD5924A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C37B944B-CFB6-41F6-B4ED-049BEB3732E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "985752BE-AC65-47BC-97F5-36C2E44E55D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6A61F7E-9929-48F5-85BA-72E744AF30B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA24A851-F051-41A8-A33E-7296AD199306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52E6911E-3DD8-4FCC-A1B5-613098B25337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(25\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B86774A-900E-4A02-B671-C13C18965358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D23ADF50-748F-4795-B564-6D934B95F8D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1:*:*:*:*:*:*:*",
"matchCriteriaId": "26AAAA6C-70FB-4562-AE8B-1BCB9A0DDA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4243B6B-7DC5-46D9-A918-5D2BD74561F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3:*:*:*:*:*:*:*",
"matchCriteriaId": "1BFF2221-DCA4-4217-8199-76EFC43DD639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45A37F82-44B3-426C-A344-9054599BB426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53378B5F-4A5B-425D-B8BE-455FAF924551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2CB77FE-97B4-439F-BED0-59688252E87D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "076216C6-C115-4C7C-A9E3-46A3986DA2AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A819AE96-3933-4AD2-AF30-36E199393E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C8C0FF6-E9E5-4191-8C21-E8CB3F6BF7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2BA7EF9-FDA1-4A2D-88B2-67042367C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2FBF6CB-DE31-453D-BF47-89D0766D3020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "046E260B-F842-41BA-914B-ACD7B71AB62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAF537FC-B681-4F52-9324-9A4AC29651AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6B2E736-F9D2-453A-9998-38800CC875F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3E8CEAC9-1C53-46A6-A18A-2A970D587C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "851E1B4E-40C4-4639-8FC6-C9DEC6FB2744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C24518B-D2D5-471A-BB19-B839792607D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D93FA53-ADC0-4031-B693-84111E1EEDC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B3E4490-6DD8-44BE-A681-105F526AE6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E02F54C2-C551-4FC4-A6FF-737CFD465D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77C98C47-688B-404B-A6CD-96AD5C0FD7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2y\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D20DDF8-145B-443D-8D92-404F574929F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DBAC49A1-91FC-4D55-BD74-42C918CCFDC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4142F873-0492-4ACC-88F9-3A243128D0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAEFC7FE-718E-4544-A86B-3243C2C14EDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30A500F4-1899-4F96-98E3-9330146A7963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE52C974-3930-4AC9-907B-8E6B325D6A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FAD07DE9-5C98-4A63-A741-8E69E9F125D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D1D8118-6E39-44B5-ABD7-B7ED3A80766D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A35B6DA-BF07-4579-8D6A-65CD8E052482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF0B3DB8-8121-4FDC-8A11-42AB619101EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70830AB5-C86B-4726-A982-6F104910153E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0904B27-2FA3-4B8D-9706-98B0376B5FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B7B5DE-1177-466F-B6AD-9641EAC0E113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1D86994-83EE-4D09-B79A-70CB22C077C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "654694A7-394C-4843-9197-91FC00445E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1798EAC2-026C-4757-860F-D7417A2BA881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD83DA54-DF65-4837-90AD-837F75412E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00953B63-7DBB-4A67-B41D-321C2ECDE79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9388C2C-75F4-487F-A7D8-4E17FD39A166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80B54786-DA2A-4E2D-9835-6A7939931928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7688EC58-4647-4A08-9E86-A71EA7C41B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E7DA901-990A-4388-9B72-943E77269B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5AD2254-158D-4BEE-B36C-242813F4BA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4480D800-595F-44CB-85ED-7E17A34A5BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD015889-3893-4781-B18D-6125A9B6CE39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E355839-76C1-4D48-9892-53EEADD2B629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89541F84-0C10-4757-8D25-80FC4464EC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "371AEAF3-39CA-4837-BA5A-D80826933C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C474B035-BFDC-4617-9285-D10C970342A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9D9DD45-8C38-4753-9168-0E5BF96146DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "259F3DCA-D218-4CF1-9CB4-23ECB070719F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C55F18EF-F751-400F-88DD-76ADD2B60BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D0444-6A5E-4252-B761-28FEFAEE8BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "578691EB-19D3-4B75-9783-B6D4F0FE1CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C89EAEB-1944-4082-B1AF-CEAC39BE762A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD8BA29C-7F6E-492A-8EB1-A2D6391C5120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "32EB01A2-9A00-4EFF-80F0-D192C79B1489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58292522-F486-410D-AD99-DFD6EC0AA9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A462729A-720F-4180-96DD-713A70CEF494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A07ACF87-C694-41DB-B4BD-23CE72E32EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "832DE1DB-0D1C-4C24-8E2D-D182205C94B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0FBFB9B-703D-42F8-93BA-969AB7284106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C95519E-7536-4EF7-8222-D4089500F826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71F56568-57E6-4C1C-AC8A-D96E097E449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F631EAC6-1D33-485E-9E00-8572FA015C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "25CEAE9E-DD9B-41E2-BC39-3332F428B489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE199525-4C2D-48C2-A76C-BD14BF2851F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E3644F66-F964-4D50-A6E0-EE8784490BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72AD166D-7CBF-4A4D-A376-907DDA1BB504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC9BC24B-BEB3-4D55-93C8-8334B8BC0BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C801D4A-E604-49CA-8D14-13622E85C563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC78BEB7-47D1-4544-BC40-AB5D73B93D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEB91EC-E548-4C53-920F-C4871BC464B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0282F963-2C1F-44F7-A0D0-4929685051AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1F519D0-64BC-4862-8894-4F6C248253C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94A247A8-E918-4757-9ADE-251B027CD307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "195CD630-4949-4B52-B9FF-94F3DEFB47AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "225E5070-B635-4752-B771-0E721C96C2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9103A92E-C9F3-401B-AE30-66466210ADED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9E5CD729-234E-43C0-A6A3-A3E0983A6605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A30E576-56F8-4EBA-AADE-C70655DE6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74415A0A-A3F4-43BB-B609-B6641771D655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B5ED7424-EB12-4C21-97C8-082156716C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16359104-2DB6-41D6-97A8-8CA1C3AB5688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6BF973CD-3315-4D86-8F89-05DC97C736AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E485E99D-F421-487D-86E7-A2D119623D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2622260B-F77B-4510-9B9D-078B994BBE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94AA886F-7BD1-4699-B1D3-E495EFCA2812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2768DEF1-3DFA-4683-9D8D-C5915D8E7365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CD05045-E867-4B7E-ACE4-7B6EA69971AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF9B10D1-29C0-4B16-813A-B535C4C64E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84551391-3A13-42EC-855F-FBB3453F65D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569B3CE7-CA06-4636-8043-7ED7635195A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "41A683FE-68AF-43E4-B846-2E82ACDD5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C8B149C-D842-496A-BE21-41920F95139C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D72F0B8-D229-4995-A053-62FA6591DCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FADC755B-3AB3-43D6-8495-1FABCBD548E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "42D84BD8-D76B-422E-9E46-4A667A981FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03607526-7F9E-43F5-94ED-3ED0B4D29DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8025943-EA09-47E6-9109-7DAF078F8F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A727000-44CC-461C-A7D6-0B9A99CB974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "105B6601-D756-4B76-9554-5B6E027A5E8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98FC292D-27D3-40CF-98C5-AF47686FC134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C23B353-3500-4FA4-90CE-624A29B1048F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B1340D1-8EE8-484F-979A-AB9E34D35EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29002523-6405-4198-A5E5-630A4B661767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF1257BF-D534-4899-937F-DCBD033A7D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86E5CF27-5661-41DF-B339-740718760AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0D110-D8D7-4D50-A599-618A5120EDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "586E9024-C983-4CFF-9A3F-A39256E09910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2B7951C-8376-49C3-BF50-E6B65909A739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C83E090-7C99-465A-A477-C2949B137720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A8D89C0-8C65-487B-9F2D-FFE31AE5BBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "409A92B8-F9A5-401E-B77F-177C48B22F23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "298709C4-69BF-48BA-A317-4251B5461A0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EF15089-A16E-47CC-AB52-78AB85F681BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3FB0B238-4F3A-4569-89B0-ED80533D87C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF90B861-F48B-45DF-ACB8-F91030106181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAB301FC-988F-4FC3-A097-E926E541F098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CFA19E0-0121-4422-83AF-94039520A0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03201B37-841C-432F-8643-352833381373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6B8E31F-6B33-43E0-9585-5736D54FE876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C828C0E-99E6-4DEF-9EB3-672DEB61F479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2636B1F1-8C40-44A4-B96B-C84EC244685E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0A868C7-1060-4A48-819E-013F435F08D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EB58108-78E4-4208-A549-C86B37422828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(3y\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA0623C0-E021-4DA0-926A-4466DDBC0BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F62AE0F2-812F-450E-BE9D-01A3AD15028E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20FF2A5A-CB80-4F58-856D-724AACB0864C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F21A73-278B-4CEC-A887-E4FB53C6AA94",
"versionEndExcluding": "3.2\\(3o\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00B4CC8B-AA85-43E5-962A-0F0E003D95FF",
"versionEndExcluding": "4.0\\(4i\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2E352F-4A19-4612-970B-12978D869A09",
"versionEndExcluding": "4.1\\(1c\\)",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente Cisco Fabric Services de Cisco FXOS Software y Cisco NX-OS Software, podr\u00eda permitir a un atacante no autenticado causar bloqueos en el proceso, lo que podr\u00eda resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. El vector de ataque es dependiente de la configuraci\u00f3n y podr\u00eda ser remoto o adyacente. Para obtener m\u00e1s informaci\u00f3n sobre el vector de ataque, consulte la secci\u00f3n Detalles de este aviso. La vulnerabilidad es debido a un manejo insuficiente de errores cuando el software afectado analiza los mensajes de Cisco Fabric Services. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de mensajes maliciosos de Cisco Fabric Services hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga de un dispositivo afectado, lo que podr\u00eda resultar en una condici\u00f3n DoS"
}
],
"id": "CVE-2020-3517",
"lastModified": "2024-11-21T05:31:14.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:12.550",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authentication module of the NX-API subsystem. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS packet to the management interface of an affected system with the NX-API feature enabled. An exploit could allow the attacker to execute arbitrary code as root. Note: NX-API is disabled by default. This vulnerability affects: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd45804, CSCve02322, CSCve02412.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/104512 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104512 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA88A05D-8084-42F8-B41F-CBFBEE26DD31",
"versionEndExcluding": "7.3\\(2\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B16DD0F7-0DF2-4423-B0AA-04C3BBDEA757",
"versionEndExcluding": "8.1\\(1\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34CF5006-23A1-4B93-8AC6-D97ABB0C2F15",
"versionEndExcluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEED288-9710-4758-8F6A-50BB6CF8338F",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34CF5006-23A1-4B93-8AC6-D97ABB0C2F15",
"versionEndExcluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEED288-9710-4758-8F6A-50BB6CF8338F",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5FF890-017A-4F2B-9253-8149FA484066",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "991285C8-2BD5-4C84-8DA0-4C500B519267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF918D59-4D57-4C18-9FF5-AE6636F24484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE83F96D-A5FC-43F4-AA3A-87EDD0AB4EA4",
"versionEndExcluding": "8.1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "258F95C6-34C6-489D-95E0-5E90DAA518CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF1AF20-C6CE-4956-8129-FA68E3B03E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authentication module of the NX-API subsystem. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS packet to the management interface of an affected system with the NX-API feature enabled. An exploit could allow the attacker to execute arbitrary code as root. Note: NX-API is disabled by default. This vulnerability affects: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd45804, CSCve02322, CSCve02412."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica NX-API del software Cisco NX-OS podr\u00eda permitir que un atacante remoto no autenticado manipule un paquete en la interfaz de gesti\u00f3n de un sistema afectado, lo que provoca un desbordamiento de b\u00fafer. Esta vulnerabilidad se debe a la validaci\u00f3n incorrecta de entradas en el m\u00f3dulo de autenticaci\u00f3n del subsistema NX-API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete HTTP o HTTPS manipulado a la interfaz de gesti\u00f3n de un sistema afectado que tenga la caracter\u00edstica NX-API habilitada. Un exploit con \u00e9xito podr\u00eda permitir que el atacante ejecute c\u00f3digo arbitrario como root. Nota: NX-API est\u00e1 deshabilitado por defecto. Esta vulnerabilidad afecta a: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente y los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series. Cisco Bug IDs: CSCvd45804, CSCve02322, CSCve02412."
}
],
"id": "CVE-2018-0301",
"lastModified": "2024-11-21T03:37:55.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.483",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104512"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:43
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C64CC640-B37D-4064-8946-B8CCCDE1A6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8983275-20C6-487E-A265-3836F06AB226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CBCA0A4F-D475-405C-B9A7-EBB0A816B9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA0E0039-23E1-425B-8B2C-DFE2C185CC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C3FB2AC-934D-4F12-9E9B-EA5F0731DA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BACE91F5-EC9B-4486-80F1-CFC3DA570B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C60E5B9-10AB-4A69-B28D-0D526756E6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "979FEE23-2C28-4212-9DA5-10A0EAFE1668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B610400-181F-4621-B27B-18C2609990DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4585B70C-E162-42FA-9CB8-42C1F34017AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EFC3F541-E417-4FC1-8C35-5B162F35F4F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "627482D8-0464-4B96-B36A-25D151F1525E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "788E6471-F000-45A7-9829-71F7AE5ED1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BCD04718-6743-40A1-9115-A172D1C37835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0277D6FD-2A73-45E9-ADA3-64998B7E4668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAA00485-725D-467C-9152-DF325507E248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7D7ED5D0-12BD-483C-902B-CF1AE23611E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "582C120A-DFA9-40F8-875A-C7875D9D93F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "040EFFE2-EE24-46EA-B77B-7FDCCF66923D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4FB814B0-24AE-4C62-9CCE-5D572D0FC0A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "92FAEF9F-724D-43E9-8916-BEF64A9B8F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EA448665-A433-4C40-940D-1165C6A2777F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "061AC794-EDA5-4166-85D1-EA827685C0F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FFE372D3-4978-4C78-AE1A-14E29ED00D46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A11D005-53E4-4575-8EAC-86F9DDB62FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "952CC9AA-D03C-44F5-8600-78C1E20D0F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74F6CC3C-BFCB-4CD6-830E-6A2C29EB0923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C27C3B5E-AD72-4A32-BE7B-885AE8DFB480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2C5F386-C135-4AED-9F96-388E324F09BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "669CF375-763C-4B83-8291-85F7CE8297F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9188E945-D4A9-47A7-8588-302762510C2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "36A00C1F-7270-4E2F-8420-8567336AD1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22EE58D9-D1BF-41BD-B331-A3472D38B1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58B28302-6700-4B2C-9531-6BECA5113D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C470740F-386B-472E-AD18-D8954AD5BE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E34C017B-E9C3-48B8-AB7E-0A8C6CD8788B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED0CF9B2-356D-45C5-BFCD-94155E1A2F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2478A831-330D-4526-8A2C-DC8C0F6973ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EAB57FD7-4350-4BFD-A6CF-EDA674AD31BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71B4FF76-FBC5-4742-B784-90AFBE8E2767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28328D72-D898-48C4-B7A9-D97E321C9D99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1569E0F4-33D1-408D-88DC-26822447F325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF454C26-1558-405A-B99C-ADF7A9E91B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA86F8E0-58FB-4CA5-9541-E9D55BED533D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F031ABAD-3D20-4374-ABBE-24D5C01BE910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F227E127-08EE-4A86-956C-BBBDB49925A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0CD7AC4-58DD-4795-AB15-EFA214111B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "64581189-9370-487A-9196-D0421CB3636E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BEE5B22-F9D3-4EAA-A552-7F0271080632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74DB471F-43AF-4E94-99B0-7D38CB3F5943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9217FBFE-2708-440A-90F9-0562C159DE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5BA5F46C-3172-4509-856F-703E0B517E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E07DC9A1-E4BA-474C-96C2-0B73704628AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "027DCF27-E201-4713-A1AC-526C6CA04343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40B05631-0319-4AFA-867A-2AECEAD449CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "771CD71E-4F24-4ACC-8D86-11429379093B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "906C7861-3266-445E-BBAB-64B757229A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "782E194A-E91E-4C72-A86A-5BD2B9CE19BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4CE062A4-FD32-41E5-A5B2-06BED72140E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52016BB9-A37D-4F3A-BEB4-77CF84193652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE8D042D-35C6-4BDF-9CD7-9125B19DC415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50F91C27-4625-4CCD-B2EB-7F34F286AB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F65D3CE3-CA53-4A13-AD86-E59196B586FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC4633AD-6CBA-4E7B-BC9D-DCCBE1F2C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04B6FAA5-D3CF-4463-9DE9-6F472DC78B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1A8E4CF-2EF7-45E8-A4FE-5BEA54617D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0A7F045-BE20-4B1D-8A0D-38A651B77EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8DB4683-C8B2-4013-85C5-A1B5F01790B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF031A0E-9C92-4931-8433-EAF9F9BA0DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E66B8A3B-AE6E-4876-9C14-54B24F91229C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57B9178C-DD7F-4FE4-BC24-7025F90A4E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5288A19-E08E-4748-A6F8-C095746D8B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4DBC06D8-E9B3-4400-A7E5-7EE6A3B8C9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46C5D5D2-B2B9-4A9A-84D5-6F04E3F8694F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FDFA97CC-F9AD-42A8-8FBE-D986E729336C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "49DCFBB0-E1DA-4F4D-877A-BC6075775EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E02BE71-98EB-494D-A808-42A3B2A0A72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B74C309-446F-4EAC-939E-43BC8167FE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EA38368-8EE4-4480-9A9A-D12992108475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BFCAE710-1789-4D3A-AC2E-E6A523037172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E7A6830-C15E-4690-8C1A-5044A3B01C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69051EB0-D60F-4E30-8939-088E50422A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5135CDF-5991-4CC9-9C4C-CC0DADEA8C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00DF4FCE-1B71-4A28-989C-AE4C5F2B3343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6049CBB-7445-4A77-867B-5D59DF0C9332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58BE5188-775E-42A9-BCCF-0DBACDDFC045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "762B4A37-3D8C-4172-A8FF-14F470CBDBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9BCF174-6D01-4C1A-AF7F-B91EDD16E010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94E4F174-8F51-41AF-82C7-0CA577753191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "353FD814-0812-4B90-B8F0-D372E85CF40B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71AF6628-3E98-4D66-B4A9-9EA16519719A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E52B312E-9C91-40F7-BACB-1550D6632477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "746D1151-BEC2-4404-A7CF-651D8BFA3412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52CE3E73-8EC6-49D1-837F-2FBFDD51802C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B774106E-DC00-4F79-A5F9-390483A9FBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26676350-6635-4B97-8A1E-250E06A177CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA426885-C1FB-4DB5-900A-7C7882956BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5C1581-9C53-4093-BBCA-67F57CE24C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D548C85A-F98B-49BF-A6C3-ADEB60124822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "970718D9-4789-414B-8ED2-FBF914B4047C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C45D91E-5AA4-46B4-9A87-75480AC04732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "973B7EE9-6B18-4D1D-8DEE-3C43D0CEB89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "32083CFE-1DAE-4BE2-AFB9-B2806F809191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0D61DA2-28B2-49E5-8739-38113455BD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E20496D-D83C-4CD3-B1A3-EEE0D165F609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71425F24-4C89-49C1-9B5E-68FAFE04F89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "310CF610-34E9-45F2-B01A-76DDEC40A040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09A32C04-1467-4564-A18E-EF2AAEF64244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED378075-D761-4D0D-8852-93616EA2F9BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(2l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C9BD58D-3AE9-49C7-AE94-74878CD109B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46D16C20-D68E-4118-B8D4-D6A2044DCD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ABCDA33D-8576-4DF6-90A1-710CA3F78F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D302931B-4425-40A6-BF7E-97FAB43D0778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CEBC0A74-551B-4BD1-A59A-80C119362D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F36E0CC9-7DD7-439B-B83F-F96DEF5B2A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F50E84B-7CAC-4832-96C5-9885F0F9DFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DEB8A917-6F49-4636-AF8C-8C18BAACE661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(4d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "79ECC89F-7F84-42E0-AF0F-4C9A609131E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A9AC0D9-D8D4-480F-B1B7-84D17AF4ABC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28A0A2C2-6E9F-4A08-9ED8-6FD4E8203053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FCE26439-5B15-48F4-8E02-CC45A76297A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F8744322-4D27-44BB-9573-BDEC9E8F6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(6i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83C1841C-9D9B-4A22-9080-724BC75A004E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3E54C78E-93FE-4E22-A37A-25D07AF7C7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(7k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED709475-D435-492E-A295-3F3202CB6CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(8d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20DBADBC-106E-4D0D-B6F1-F5859AD84DE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B226BA8E-FC1E-44FF-9A91-837F355E53B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BA59F5B-43FE-4051-9D27-F83A7A39141E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3883FD9C-0BCB-4865-81B6-854C8C4EC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(41d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A52F12E-8EAD-40B8-BB6D-54FAD8718AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4F75D6B-D48A-4B5E-A1DF-EEBFEBFE6073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FB1B81AF-FC0F-42B6-98C0-BEC432C7BAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87C5BB7A-3B2B-4AE3-A626-04FD1BB1E9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDEB393A-9687-4E52-9837-B2C9E8F22D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E1BE98A-95AE-4D11-B427-68D25FE60720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CD61CB15-1955-4A81-9F8E-02F207094260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "455F4A6C-428C-494F-B70C-A891B83EBEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "322088F6-DF10-4C58-92F3-0FFBF469A6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20BFA5E5-0ECC-4A1F-A936-1F325A810334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7ECA1140-9DE0-4BC9-A381-A8DCB5BEA4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F5FCA86-82A3-4540-B827-BD752D9E0465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B8DE7D4-EFEC-487B-8250-251F9EA36BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83EA47AA-6F3B-4A48-81A0-2CA8D6696B27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89662D5F-AEEC-4DEB-AB8B-6A95D0A4B1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40D5076C-6C6F-44F9-91D7-D8F2FEB21310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8296DD01-9CE0-4734-97A1-43250AD87453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77FC6FCC-9C86-43CB-A008-82E5C3E5B791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AD71858-CA76-4BE3-8B4F-626959F6A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "38F4C42B-D975-46B5-8A18-1D6F72A294F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E6354B7-3CBA-4E09-93F6-B49717B2A78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C693C8FA-3324-4439-B177-6FAE387DB23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "949C0F31-77ED-49CC-870D-70104AA908A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "007BDA28-37AD-4F37-B351-C3BE0B8418F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9563DBDC-D2C0-4C7C-A246-EC95DC4581CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09CF92FC-B053-4234-830F-683E06807545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61DF8B69-D0B7-455F-A50E-5930948BED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "724603DA-06C9-4E64-B495-A90AD9BF31E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(5k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D1255013-E3BC-4048-BD50-4641C0048FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAFC12-85C7-4FD1-B46E-D8268D00DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F988380-7BAE-4E9C-B1E2-D3F7389E2FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95A5C1D4-EAE5-4E3F-AFCC-96B1ECDA91EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el establecimiento de la conexi\u00f3n VLAN de la infraestructura de estructura de Cisco Nexus 9000 Series Fabric Switches en Application Centric Infrastructure (ACI) Mode podr\u00eda permitir que un atacante adyacente no autenticado omitir las comprobaciones de seguridad y conectar un servidor no autorizado a la VLAN de infraestructura.\u0026#xa0;Esta vulnerabilidad es debido a requisitos de seguridad insuficientes durante la fase de configuraci\u00f3n del Link Layer Discovery Protocol (LLDP) de la VLAN de infraestructura.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete LLDP dise\u00f1ado en la subred adyacente a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conectar un servidor no autorizado a la infraestructura VLAN, que tiene muchos privilegios.\u0026#xa0;Con una conexi\u00f3n a la infraestructura VLAN, el atacante puede llevar a cabo conexiones no autorizadas a los servicios Cisco Application Policy Infrastructure Controller (APIC) o unirse a otros endpoints del host"
}
],
"id": "CVE-2021-1228",
"lastModified": "2024-11-21T05:43:52.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:12.613",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BEE5B22-F9D3-4EAA-A552-7F0271080632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74DB471F-43AF-4E94-99B0-7D38CB3F5943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9217FBFE-2708-440A-90F9-0562C159DE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5BA5F46C-3172-4509-856F-703E0B517E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E07DC9A1-E4BA-474C-96C2-0B73704628AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "027DCF27-E201-4713-A1AC-526C6CA04343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40B05631-0319-4AFA-867A-2AECEAD449CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "771CD71E-4F24-4ACC-8D86-11429379093B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "906C7861-3266-445E-BBAB-64B757229A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "782E194A-E91E-4C72-A86A-5BD2B9CE19BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4CE062A4-FD32-41E5-A5B2-06BED72140E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52016BB9-A37D-4F3A-BEB4-77CF84193652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE8D042D-35C6-4BDF-9CD7-9125B19DC415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50F91C27-4625-4CCD-B2EB-7F34F286AB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F65D3CE3-CA53-4A13-AD86-E59196B586FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC4633AD-6CBA-4E7B-BC9D-DCCBE1F2C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04B6FAA5-D3CF-4463-9DE9-6F472DC78B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1A8E4CF-2EF7-45E8-A4FE-5BEA54617D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0A7F045-BE20-4B1D-8A0D-38A651B77EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8DB4683-C8B2-4013-85C5-A1B5F01790B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF031A0E-9C92-4931-8433-EAF9F9BA0DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E66B8A3B-AE6E-4876-9C14-54B24F91229C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57B9178C-DD7F-4FE4-BC24-7025F90A4E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5288A19-E08E-4748-A6F8-C095746D8B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4DBC06D8-E9B3-4400-A7E5-7EE6A3B8C9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46C5D5D2-B2B9-4A9A-84D5-6F04E3F8694F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FDFA97CC-F9AD-42A8-8FBE-D986E729336C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "49DCFBB0-E1DA-4F4D-877A-BC6075775EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E02BE71-98EB-494D-A808-42A3B2A0A72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B74C309-446F-4EAC-939E-43BC8167FE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EA38368-8EE4-4480-9A9A-D12992108475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BFCAE710-1789-4D3A-AC2E-E6A523037172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E7A6830-C15E-4690-8C1A-5044A3B01C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69051EB0-D60F-4E30-8939-088E50422A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5135CDF-5991-4CC9-9C4C-CC0DADEA8C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00DF4FCE-1B71-4A28-989C-AE4C5F2B3343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6049CBB-7445-4A77-867B-5D59DF0C9332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58BE5188-775E-42A9-BCCF-0DBACDDFC045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "762B4A37-3D8C-4172-A8FF-14F470CBDBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9BCF174-6D01-4C1A-AF7F-B91EDD16E010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94E4F174-8F51-41AF-82C7-0CA577753191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "353FD814-0812-4B90-B8F0-D372E85CF40B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71AF6628-3E98-4D66-B4A9-9EA16519719A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E52B312E-9C91-40F7-BACB-1550D6632477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "746D1151-BEC2-4404-A7CF-651D8BFA3412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52CE3E73-8EC6-49D1-837F-2FBFDD51802C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B774106E-DC00-4F79-A5F9-390483A9FBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26676350-6635-4B97-8A1E-250E06A177CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA426885-C1FB-4DB5-900A-7C7882956BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5C1581-9C53-4093-BBCA-67F57CE24C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D548C85A-F98B-49BF-A6C3-ADEB60124822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "970718D9-4789-414B-8ED2-FBF914B4047C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C45D91E-5AA4-46B4-9A87-75480AC04732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "973B7EE9-6B18-4D1D-8DEE-3C43D0CEB89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "32083CFE-1DAE-4BE2-AFB9-B2806F809191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0D61DA2-28B2-49E5-8739-38113455BD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E20496D-D83C-4CD3-B1A3-EEE0D165F609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71425F24-4C89-49C1-9B5E-68FAFE04F89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "310CF610-34E9-45F2-B01A-76DDEC40A040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09A32C04-1467-4564-A18E-EF2AAEF64244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED378075-D761-4D0D-8852-93616EA2F9BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(2l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C9BD58D-3AE9-49C7-AE94-74878CD109B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46D16C20-D68E-4118-B8D4-D6A2044DCD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ABCDA33D-8576-4DF6-90A1-710CA3F78F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D302931B-4425-40A6-BF7E-97FAB43D0778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CEBC0A74-551B-4BD1-A59A-80C119362D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F36E0CC9-7DD7-439B-B83F-F96DEF5B2A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F50E84B-7CAC-4832-96C5-9885F0F9DFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DEB8A917-6F49-4636-AF8C-8C18BAACE661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(4d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "79ECC89F-7F84-42E0-AF0F-4C9A609131E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A9AC0D9-D8D4-480F-B1B7-84D17AF4ABC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28A0A2C2-6E9F-4A08-9ED8-6FD4E8203053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FCE26439-5B15-48F4-8E02-CC45A76297A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F8744322-4D27-44BB-9573-BDEC9E8F6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(6i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83C1841C-9D9B-4A22-9080-724BC75A004E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3E54C78E-93FE-4E22-A37A-25D07AF7C7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(7k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED709475-D435-492E-A295-3F3202CB6CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(8d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20DBADBC-106E-4D0D-B6F1-F5859AD84DE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B226BA8E-FC1E-44FF-9A91-837F355E53B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BA59F5B-43FE-4051-9D27-F83A7A39141E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3883FD9C-0BCB-4865-81B6-854C8C4EC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(41d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A52F12E-8EAD-40B8-BB6D-54FAD8718AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4F75D6B-D48A-4B5E-A1DF-EEBFEBFE6073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FB1B81AF-FC0F-42B6-98C0-BEC432C7BAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87C5BB7A-3B2B-4AE3-A626-04FD1BB1E9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDEB393A-9687-4E52-9837-B2C9E8F22D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E1BE98A-95AE-4D11-B427-68D25FE60720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CD61CB15-1955-4A81-9F8E-02F207094260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "455F4A6C-428C-494F-B70C-A891B83EBEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "322088F6-DF10-4C58-92F3-0FFBF469A6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20BFA5E5-0ECC-4A1F-A936-1F325A810334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7ECA1140-9DE0-4BC9-A381-A8DCB5BEA4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F5FCA86-82A3-4540-B827-BD752D9E0465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B8DE7D4-EFEC-487B-8250-251F9EA36BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83EA47AA-6F3B-4A48-81A0-2CA8D6696B27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89662D5F-AEEC-4DEB-AB8B-6A95D0A4B1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40D5076C-6C6F-44F9-91D7-D8F2FEB21310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8296DD01-9CE0-4734-97A1-43250AD87453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77FC6FCC-9C86-43CB-A008-82E5C3E5B791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AD71858-CA76-4BE3-8B4F-626959F6A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "38F4C42B-D975-46B5-8A18-1D6F72A294F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58277DB8-BBC7-4639-8967-FCBAB029641E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer."
},
{
"lang": "es",
"value": "Una vulnerabilidad con el protocolo Border Gateway Protocol (BGP) para Cisco Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI) podr\u00eda permitir a un atacante remoto no autenticado causar la ca\u00edda de un proceso de enrutamiento, lo que podr\u00eda conllevar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;Esta vulnerabilidad es debido a un problema con la instalaci\u00f3n de rutas tras recibir una actualizaci\u00f3n de BGP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una actualizaci\u00f3n de BGP dise\u00f1ada a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el proceso de enrutamiento se bloquee, lo que podr\u00eda hacer que el dispositivo se recargue.\u0026#xa0;Esta vulnerabilidad se aplica tanto a Internal BGP (IBGP) como a External BGP (EBGP).\u0026#xa0;Nota: La implementaci\u00f3n de Cisco de BGP acepta tr\u00e1fico BGP entrante solo de peers configurados expl\u00edcitamente.\u0026#xa0;Para explotar esta vulnerabilidad, un atacante necesitar\u00eda enviar un mensaje de actualizaci\u00f3n de BGP espec\u00edfico mediante una conexi\u00f3n TCP establecida que parece provenir de un peer de BGP confiable"
}
],
"id": "CVE-2021-1230",
"lastModified": "2024-11-21T05:43:53.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:12.817",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-233"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108365 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108365 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D14AF388-8D72-45DF-A268-4ACE8472F65C",
"versionEndExcluding": "8.3\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8A47D2-CF7D-4306-A78E-B4423575C6A9",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F404A62-E7A6-4C2E-884C-2D7E4E58A6C7",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9588B23A-8C0E-4734-AFF6-254F8A2C8AA1",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E30AB8D6-3F3F-43A3-B7E9-ABD5D3052FA8",
"versionEndExcluding": "6.2\\(22\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02E6779A-5759-4A83-B884-1B47FC124A22",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68D9CBC8-EB36-4EA5-B2F8-555137C8A86C",
"versionEndExcluding": "4.0\\(2a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10CB3B6F-3CEE-4992-85F4-C448A20D7EA8",
"versionEndIncluding": "5.2\\(1\\)sv5\\(1.1\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "882D7344-E38B-4F44-8CDE-1CCA827F28BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4832A094-92DB-402F-AF05-34B3A7C7CA0E",
"versionEndIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "69E1B4D2-4200-4C05-9E64-57A18823AF38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59B48D7E-BD70-4971-B508-1DAD4841C5CE",
"versionEndExcluding": "5.2\\(1\\)sv3\\(4.1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software NX-OS de Cisco, podr\u00eda permitir a un atacante local autorizado ejecutar comandos arbitrarios con privilegios elevados en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los argumentos pasados a ciertos comandos de la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante requiere credenciales de usuario v\u00e1lidas para explotar esta vulnerabilidad."
}
],
"id": "CVE-2019-1735",
"lastModified": "2024-11-21T04:37:12.613",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T19:29:00.633",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108365"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system of an attached line card with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108393 | Broken Link, Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108393 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8A47D2-CF7D-4306-A78E-B4423575C6A9",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system of an attached line card with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado con credenciales de administrador realizar comandos arbitrarios en el sistema operativo Linux subyacente de una tarjeta de l\u00ednea adjunta con el nivel de privilegio de ra\u00edz. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a un comando CLI espec\u00edfico en el dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente de una tarjeta de l\u00ednea adjunta con privilegios elevados. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1769",
"lastModified": "2024-11-21T04:37:20.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:00.760",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108393"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-25 19:15
Modified
2024-11-21 05:44
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 13.2\(3n\) | |
| cisco | nx-os | 14.2\(4i\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CEBC0A74-551B-4BD1-A59A-80C119362D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9563DBDC-D2C0-4C7C-A246-EC95DC4581CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Nexus 9000 Series Fabric Switches en el Modo Application Centric Infrastructure (ACI), podr\u00eda permitir a un atacante remoto no autenticado causar un acu\u00f1amiento de queues en un switch de hoja, que podr\u00eda resultar en una ca\u00edda del tr\u00e1fico cr\u00edtico del plano de control en el dispositivo. Esto podr\u00eda dar lugar a que uno o m\u00e1s switches de hoja sean eliminados de la estructura. Esta vulnerabilidad es debido a un manejo inapropiado del tr\u00e1fico TCP de entrada a un puerto espec\u00edfico. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un flujo de paquetes TCP a un puerto espec\u00edfico en una Switched Virtual Interface configurada en el dispositivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que una queue de paquetes espec\u00edfica ponga en queue los b\u00faferes de red pero nunca los procese, conllevando a un eventual acu\u00f1amiento de queues. Esto podr\u00eda causar que el tr\u00e1fico del plano de control se caiga, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) donde los switches de la hoja no est\u00e1n disponibles. Nota: Esta vulnerabilidad requiere una intervenci\u00f3n manual para apagar el dispositivo y recuperarlo."
}
],
"id": "CVE-2021-1523",
"lastModified": "2024-11-21T05:44:32.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-25T19:15:07.217",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-queue-wedge-cLDDEfKF"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-queue-wedge-cLDDEfKF"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Note: This vulnerability requires that any feature license is uploaded to the device. The vulnerability does not require that the license be used. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51693, CSCve91634, CSCve91659, CSCve91663.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10C9143-9E1F-4DA3-924B-68D48B4F2D37",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0\\)bd\\(0.20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F66360CD-CCCF-4DE7-86F1-996175B4503C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.59\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE02C4C6-1DDE-4EAE-BF67-CB8B120E6C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "310856A9-CA62-4C1A-A4C9-B6EECC36F496",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10C9143-9E1F-4DA3-924B-68D48B4F2D37",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5BBD7E-7638-4725-B01E-37B0056521EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6A29A1-C498-4F98-81B6-F920AB038507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0F8DD-8150-45EB-8C0E-636C11C258A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8717918-2908-470C-BD41-6B466AF539F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572DBF51-E334-444B-B548-2539740E1D0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D3949-D212-4212-A651-07A631964448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2291E9C8-3816-49E6-843E-292686F5B6CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10C9143-9E1F-4DA3-924B-68D48B4F2D37",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B175E7-9D1F-421B-8618-6CBB60C2001F",
"versionEndExcluding": "5.2\\(1\\)sv3\\(3.15\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E705638-8D0A-40D6-9A51-4FDB6C03F71E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1110-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE05F763-D4C8-4221-B023-65E8115A9598",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1110-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC197AB-2E75-4F53-B06A-96C64155952C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9FDEBE-726A-4F78-AB82-D7BA6A7A8032",
"versionEndExcluding": "8.1\\(1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E6B85A-3988-4EC5-B788-9664772CE64E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Note: This vulnerability requires that any feature license is uploaded to the device. The vulnerability does not require that the license be used. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51693, CSCve91634, CSCve91659, CSCve91663."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el analizador de la interfaz de l\u00ednea de comandos del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado realice un ataque de inyecci\u00f3n de comandos en un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de algunos argumentos de comandos. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando argumentos de comando maliciosos en una comando de interfaz de l\u00ednea de comandos vulnerable. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante ejecute comandos arbitrarios con privilegios root en el dispositivo afectado. Nota: esta vulnerabilidad requiere que se suba al dispositivo cualquier licencia de caracter\u00edsticas. La vulnerabilidad no requiere que se emplee la licencia. Esta vulnerabilidad afecta a MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente y los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series. Cisco Bug IDs: CSCve51693, CSCve91634, CSCve91659, CSCve91663."
}
],
"id": "CVE-2018-0306",
"lastModified": "2024-11-21T03:37:56.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:00.523",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-28 17:15
Modified
2024-10-22 14:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C26E0A3-7641-4DDF-9882-F04F297C8D07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8397775-5A75-4710-9044-B56E1CEE20A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "876304F4-4CE5-45B8-ADF5-2523319D05BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9C0219-7EDC-40FD-A66B-24A92993F692",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23DFF0E-725B-4CCB-96A3-378600513CC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C71319A9-5B95-410A-BDDB-C47639B8E464",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6487A95B-0D04-4ABA-B491-8A935694AFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018DEE0B-F3BC-4D3F-B2E4-2FF40203E65F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506B07C-EB3B-4034-A348-1EEAD09CC5E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "122E24C3-1411-46DA-92F1-635BC0784559",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E84307-41BC-4F85-BC9A-FF02178765F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A31452-5B60-4273-BA38-8FA684DED953",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FCA39-927B-4C89-A58B-E6859ED8176A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc2-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7543DCD-5ED0-4400-9326-9714AB84E012",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37DA56C5-FDD0-4CC3-9DDF-8F1BBE94B003",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B464B3-DE25-4980-ABC3-10D7C79C12E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "365A5FB4-3DCE-48D7-8917-636E94389576",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90DB9E2B-74F6-4C62-AEE1-3FF109A963EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961B0A51-15B4-45FF-BEAE-05667D76F418",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A29C323C-6731-4CDA-B364-C1C8B8E60510",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D100815-C171-46F4-B675-64E20D8C4FD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "214472EB-424C-48B7-8EF3-7B679A5042BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D5229B-AFB2-4B28-95BB-563DBC346982",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32D88D4-EABA-4A3A-B300-374AA89525E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD002B70-A630-4A5D-B63C-356AC7B8280C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0AC2DC-234F-48BA-BCC8-DE82C293C273",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "462BC5C0-61C9-4CC6-AF3F-7A366C98F2DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67F94470-7815-4ADD-9FF9-BD74BA46454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09F0CD1D-A71B-413B-9150-E462CA206BAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2788A2-79DC-4A28-BD88-52EC86697C99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5747442-90B1-4932-8189-A70B39E45843",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA21C9E7-30B9-4FC7-8031-2C27CE9C1AB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EED2E16-D0D7-4B53-A05F-595E120B1C25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E78D1F67-9BD7-467A-9D7A-37F54B3B51BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A181E6-0EE6-40F2-B04A-2C12DF67D278",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sc-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "159A9622-2240-46E6-BD4B-62D652422758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA01EFB-8458-42B9-81C9-35E1E02FF42F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360B9A25-5272-487A-AF1A-CE2FDFD6F23C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3291743D-1F0C-4A66-99F9-946196F5CB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADE8708-95D4-4D30-85ED-BE870410F3B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-16w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21686E9C-D51F-4016-BFF5-F076144C7CE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2BBE1C-4820-4A68-83F4-734E0DA4738B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-8d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC31E4-5C1B-4FD1-9F86-670BAEA47774",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97284yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F7DE85-9CD5-4A3D-859A-4B3479DACBF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3000_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0742F63F-1945-47AA-943C-14959B23C21C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C84D24C-2256-42AF-898A-221EBE9FE1E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E8456-A9BD-447B-8F33-4BEB052A82D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BC5903-1316-4FFF-BE52-2F6D63549590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4755F890-634B-4B25-AF08-C34F13429FA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3ph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D68E7FE-BD46-4245-8DEE-1AD32159E045",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2EC055-B309-4F1F-A646-FA47AE344D27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F59A4B-AE92-4533-8EDC-D1DD850309FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492A2C86-DD38-466B-9965-77629A73814F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB7AA46-4018-4925-963E-719E1037F759",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07B5399-44C7-468D-9D57-BB5B5E26CE50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E128053-834B-4DD5-A517-D14B4FC2B56F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "163743A1-09E7-4EC5-8ECA-79E4B9CE173B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C367BBE0-D71F-4CB5-B50E-72B033E73FE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E1D224-4751-4233-A127-A041068C804A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD31B075-01B1-429E-83F4-B999356A0EB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800_34-port_100g_and_14-port_400g_line_card:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D3B28C3-114D-41EE-8295-AFA9932C9EAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800_36-port_400g_line_card:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC134D3-9AA0-44A4-9CBD-410A3A9C5886",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000."
}
],
"id": "CVE-2024-20286",
"lastModified": "2024-10-22T14:44:16.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-28T17:15:08.400",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Product"
],
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Protocol Independent Multicast (PIM) para redes IPv6 (PIM6) de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un manejo inapropiado de errores al procesar paquetes PIM6 entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de varios paquetes PIM6 dise\u00f1ados hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que la aplicaci\u00f3n PIM6 filtre memoria del sistema. Con el tiempo, esta p\u00e9rdida de memoria podr\u00eda causar que la aplicaci\u00f3n PIM6 dejara de procesar el tr\u00e1fico PIM6 leg\u00edtimo, conllevando a una condici\u00f3n de DoS en el dispositivo afectado"
}
],
"id": "CVE-2020-3338",
"lastModified": "2024-11-21T05:30:49.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:11.940",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Call Home de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto autenticado inyectar comandos arbitrarios que podr\u00edan ser ejecutados con privilegios root en el sistema operativo (SO) subyacente. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de entrada de los par\u00e1metros de configuraci\u00f3n espec\u00edficos de Call Home cuando el software est\u00e1 configurado para el m\u00e9todo de transporte HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante la modificaci\u00f3n de par\u00e1metros dentro de la configuraci\u00f3n de Call Home en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente"
}
],
"id": "CVE-2020-3454",
"lastModified": "2024-11-21T05:31:06.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:12.410",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108397 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108397 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32DEA700-FD52-4AFE-9E32-21808F184033",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account."
},
{
"lang": "es",
"value": "na vulnerabilidad en la implementaci\u00f3n Bash Shell para el software NX-OS de Cisco, podr\u00eda permitir a un atacante local autentificado omitir el conjunto de comandos limitados del Guest Shell y ejecutar comandos en el nivel de privilegio de un usuario administrador de la red fuera del Guest Shell. El atacante necesita autenticarse con credenciales de dispositivo de administrador v\u00e1lidas. La vulnerabilidad es debido a la implementaci\u00f3n inapropiada de un comando de la CLI que permite que se invoque inapropiadamente un comando Bash en la CLI del Guest Shell. Un atacante podr\u00eda explotar esta vulnerabilidad autentific\u00e1ndose en el dispositivo e introduciendo un comando creado en el indicador del Guest Shell. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante enviar comandos que deber\u00edan ser restringidos para una cuenta de Guest Shell."
}
],
"id": "CVE-2019-1730",
"lastModified": "2024-11-21T04:37:11.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T17:29:01.717",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108397"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/104520 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104520 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(0.395\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B836C06-16D8-4E1E-B607-F0EB31D87118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.112\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "BEB52480-4F01-42DD-AC30-2ABCEA105F4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C90753E4-EDC5-49F6-A7E0-C96BEFDE877A",
"versionEndExcluding": "7.0\\(3\\)i7\\(2\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD29D4BF-16C4-4F4B-A53A-0FF473BFBC12",
"versionEndExcluding": "8.1\\(1\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el control de acceso basado en roles (RBAC) del software Cisco NX-OS podr\u00eda permitir que un atacante remoto autenticado ejecute comandos de la interfaz de l\u00ednea de comandos que deber\u00edan estar restringidos para un usuario no administrativo. El atacante necesitar\u00eda tener credenciales de usuario v\u00e1lidas para el dispositivo. La vulnerabilidad se debe a una asignaci\u00f3n de privilegios RBAC incorrecta a ciertos comandos de la interfaz de l\u00ednea de comandos. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en un dispositivo como usuario no administrativo y ejecutando comandos espec\u00edficos desde la interfaz de l\u00ednea de comandos. Su explotaci\u00f3n podr\u00eda permitir que el atacante ejecute comandos que deber\u00edan estar restringidos a los usuarios administrativos. Estos comandos podr\u00edan modificar la configuraci\u00f3n o cargar im\u00e1genes en el dispositivo. esta vulnerabilidad afecta a MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente y los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series. Cisco Bug IDs: CSCvd77904."
}
],
"id": "CVE-2018-0293",
"lastModified": "2024-11-21T03:37:54.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.343",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104520"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-31 18:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | * | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE0577E5-76EB-49BD-82D3-CFB7A11C3A29",
"versionEndExcluding": "13.2\\(7f\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26F76B6B-58CD-4FF5-9DFC-601377014C9F",
"versionEndIncluding": "14.1\\(2g\\)",
"versionStartIncluding": "14.0\\(1h\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26F76B6B-58CD-4FF5-9DFC-601377014C9F",
"versionEndIncluding": "14.1\\(2g\\)",
"versionStartIncluding": "14.0\\(1h\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el subsistema de protocolo de descubrimiento de capa de enlace (LLDP) del software de cambio de modo de infraestructura centrada en aplicaciones (ACI) de Cisco Nexus serie 9000 podr\u00eda permitir que un atacante adyacente no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) o ejecute c\u00f3digo arbitrario con privilegios de root . La vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta de ciertos campos de tipo, longitud, valor (TLV) del encabezado de trama LLDP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete LLDP dise\u00f1ado al dispositivo de destino. Una explotaci\u00f3n con \u00e9xito puede conducir a una condici\u00f3n de desbordamiento del b\u00fafer que podr\u00eda causar una condici\u00f3n DoS o permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios de root. Nota: Esta vulnerabilidad no puede ser explotada por el tr\u00e1fico de tr\u00e1nsito a trav\u00e9s del dispositivo; el paquete especialmente dise\u00f1ado debe estar dirigido a una interfaz conectada directamente. Esta vulnerabilidad afecta a los conmutadores Fabric Cisco Nexus serie 9000 en modo ACI si est\u00e1n ejecutando una versi\u00f3n del software del conmutador de modo Cisco Nexus serie 9000 ACI anterior a 13.2 (7f) o cualquier versi\u00f3n 14.x."
}
],
"id": "CVE-2019-1901",
"lastModified": "2024-11-21T04:37:39.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-31T18:15:11.050",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Border Gateway Protocol (BGP) Multicast VPN (MVPN) de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado causar que una sesi\u00f3n de BGP se reinicie repetidamente, conllevando a una condici\u00f3n de denegaci\u00f3n de servicio (DoS) parcial debido a la sesi\u00f3n de BGP est\u00e1 inactiva. La vulnerabilidad es debido al an\u00e1lisis incorrecto de un tipo espec\u00edfico de mensaje de actualizaci\u00f3n de BGP MVPN. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de este mensaje de actualizaci\u00f3n de BGP MVPN hacia un dispositivo objetivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que las conexiones entre peers de BGP se restablezcan, lo que podr\u00eda conllevar a una inestabilidad en la ruta de BGP e impactar el tr\u00e1fico. El mensaje de actualizaci\u00f3n de BGP MVPN entrante es v\u00e1lido pero es analizado incorrectamente por el dispositivo NX-OS, lo que podr\u00eda enviar una actualizaci\u00f3n de BGP corrupta hacia el peer BGP configurado. Nota: La implementaci\u00f3n de Cisco de BGP acepta tr\u00e1fico BGP entrante solo de peers configurados expl\u00edcitamente. Para explotar esta vulnerabilidad, un atacante debe enviar un mensaje de actualizaci\u00f3n de BGP MVPN espec\u00edfico por medio de una conexi\u00f3n TCP establecida que parece provenir de un peer BGP confiable. Para hacerlo, el atacante debe obtener informaci\u00f3n sobre los peers BGP en la red confiable del sistema afectado"
}
],
"id": "CVE-2020-3398",
"lastModified": "2024-11-21T05:30:57.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:12.253",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB194AF-51E8-4379-B416-34049BF03754",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000_virtual_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF29010C-8712-4464-A233-14CF024AA6DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E705638-8D0A-40D6-9A51-4FDB6C03F71E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00B4CC8B-AA85-43E5-962A-0F0E003D95FF",
"versionEndExcluding": "4.0\\(4i\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de administraci\u00f3n local (local-mgmt) de Cisco UCS Manager Software, podr\u00eda permitir a un atacante local autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un manejo inapropiado de los par\u00e1metros de comando de la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad mediante la ejecuci\u00f3n de comandos espec\u00edficos en la CLI local-mgmt en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que los procesos internos del sistema presenten un fallo para finalizar apropiadamente, lo que podr\u00eda resultar en una acumulaci\u00f3n de procesos atascados y conllevar a una lentitud en el acceso a la CLI de UCS Manager y la Interfaz de Usuario web. Un ataque sostenido puede resultar en un reinicio de los procesos internos de UCS Manager y una p\u00e9rdida temporal de acceso a la CLI de UCS Manager y la Interfaz de Usuario web"
}
],
"id": "CVE-2020-3504",
"lastModified": "2024-11-21T05:31:12.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:12.487",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-664"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-03 10:59
Modified
2024-11-21 02:30
Severity ?
Summary
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39583 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1032775 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39583 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032775 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 7.2\(0\)zz\(99.3\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | 7.2\(0\)zz\(99.1\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 6.2\(11b\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9140 | * | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nx-os | 9.1\(1\)sv1\(3.1.8\) | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | 7.2\(0\)zz\(99.1\) | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 4.1\(2\)e1\(1\) | |
| cisco | nexus_4001i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zz\\(99.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DDE99C10-B3DF-4BF1-B3D5-01CA37F16132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zz\\(99.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E2E6964-B258-42D4-8181-BB4765B58AE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A90F0A06-A634-4BD0-A477-90BD3384B7D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.1\\(1\\)sv1\\(3.1.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0B0A63C-1CB7-4A99-9AC0-9748E6261252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E705638-8D0A-40D6-9A51-4FDB6C03F71E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zz\\(99.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E2E6964-B258-42D4-8181-BB4765B58AE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57892CBB-8C95-4E56-90F8-B77BBBDC03FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7AC41532-1F38-4540-8398-7DD66D92D041",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436."
},
{
"lang": "es",
"value": "El analizador sint\u00e1ctico CLI en Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), y 9.1(1)SV1(3.1.8) en los dispositivos Nexus permite a usuarios locales ejecutar comandos del sistema operativo arbitrarios a trav\u00e9s de caracteres manipulados en un nombre de fichero, tambi\u00e9n conocido como Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, y CSCuv08436."
}
],
"id": "CVE-2015-4237",
"lastModified": "2024-11-21T02:30:41.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-03T10:59:03.060",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032775"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
},
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-18 23:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041348 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041348 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 13.0\(1k\) | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nexus_n9k-c9508-fm-r | - | |
| cisco | nexus_n9k-x9636c-r | - | |
| cisco | nexus_n9k-x9636q-r | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B774106E-DC00-4F79-A5F9-390483A9FBEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica DHCPv6 de Cisco Nexus 9000 Series Fabric Switches en modo Application-Centric Infrastructure (ACI) podr\u00eda permitir que un atacante remoto no autenticado provoque que el dispositivo se ejecute en poca memoria del sistema, lo que podr\u00eda resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a una gesti\u00f3n incorrecta de memoria cuando se reciben paquetes DHCPv6 en una interfaz del dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un gran n\u00famero de paquetes DHCPv6 maliciosos para que sean procesados por un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque que el sistema se ejecute con poca memoria, lo que podr\u00eda provocar el reinicio de un dispositivo afectado. La vulnerabilidad solo aplica a los paquetes del protocolo IPv6, no a los del protocolo IPv4. Esta vulnerabilidad afecta a Cisco Nexus 9000 Series Fabric Switches en modo ACI que ejecutan la versi\u00f3n 13.0(1k) del software. La vulnerabilidad solo puede ser explotada cuando se habilita el enrutamiento unicast en el BD (Bridge Domain). Los relays DHCP y DHCP no necesitan estar configurados para explotar la vulnerabilidad. Cisco Bug IDs: CSCvg38918."
}
],
"id": "CVE-2018-0372",
"lastModified": "2024-11-21T03:38:05.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-18T23:29:00.727",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041348"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-19 18:59
Modified
2024-11-21 02:30
Severity ?
Summary
The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 5.1.3 | |
| cisco | nx-os | 5.3.0 | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "331D99AC-6464-43C8-BBB7-2C04CCF4733A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940BAF6A-B62F-4C63-9756-6882678EA0E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842."
},
{
"lang": "es",
"value": "Vulnerabilidad en la implementaci\u00f3n de la configuraci\u00f3n global en los dispositivos Cisco ASR 9000 con versiones de software 5.1.3 y 5.3.0, causa un cierre de las sesiones vty despu\u00e9s de una operaci\u00f3n commit/end, lo cual permite a usuarios locales causar una denegaci\u00f3n de servicio (creaci\u00f3n de archivo tmp/*config, consumo de memoria y ca\u00edda del dispositivo) a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCut93842."
}
],
"id": "CVE-2015-4277",
"lastModified": "2024-11-21T02:30:45.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-19T18:59:00.123",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1033259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033259"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system\u0026rsquo;s trusted network."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de la autenticaci\u00f3n de Message Digest 5 (MD5) de Border Gateway Protocol (BG5) en Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado omitir la autenticaci\u00f3n MD5 y establecer una conexi\u00f3n BGP con el dispositivo. La vulnerabilidad ocurre porque la autenticaci\u00f3n BGP MD5 es omitida si el peer no tiene la autenticaci\u00f3n MD5 configurada, el dispositivo NX-OS presenta la autenticaci\u00f3n BGP MD5 configurada y el nombre de NX-OS BGP virtual routing and forwarding (VRF) est\u00e1 configurado para ser mayor de 19 caracteres Un atacante podr\u00eda explotar esta vulnerabilidad al intentar establecer una sesi\u00f3n BGP con el peer NX-OS. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante establecer una sesi\u00f3n BGP con el dispositivo NX-OS sin autenticaci\u00f3n MD5. La implementaci\u00f3n de Cisco del protocolo BGP acepta el tr\u00e1fico BGP entrante solo de peers configurados expl\u00edcitamente. Para explotar esta vulnerabilidad, un atacante debe enviar los paquetes maliciosos por medio de una conexi\u00f3n TCP que parece provenir desde un peer BGP de confianza. Para hacerlo, el atacante debe obtener informaci\u00f3n sobre los peers BGP en la red confiable system\u2019s afectada."
}
],
"id": "CVE-2020-3165",
"lastModified": "2024-11-21T05:30:27.747",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-26T17:15:12.673",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2636B1F1-8C40-44A4-B96B-C84EC244685E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad anycast gateway de Cisco NX-OS Software, podr\u00eda permitir a un atacante adyacente no autenticado causar que un dispositivo aprenda entradas Address Resolution Protocol (ARP) no v\u00e1lidas. Las entradas ARP son para direcciones IP no locales para la subred. La vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de una petici\u00f3n ARP gratuita (GARP) recibida. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete GARP malicioso sobre la subred local para causar que la tabla ARP en el dispositivo se corrompa. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante poblar la tabla ARP con entradas incorrectas, lo que podr\u00eda conllevar a interrupciones del tr\u00e1fico."
}
],
"id": "CVE-2020-3174",
"lastModified": "2024-11-21T05:30:28.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-26T17:15:13.563",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C83E090-7C99-465A-A477-C2949B137720",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B17D00-490A-42CE-9DBB-EF8D30264546",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0500999-E48F-4FE1-9B92-C1E179651CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10C9143-9E1F-4DA3-924B-68D48B4F2D37",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5BBD7E-7638-4725-B01E-37B0056521EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6A29A1-C498-4F98-81B6-F920AB038507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0F8DD-8150-45EB-8C0E-636C11C258A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8717918-2908-470C-BD41-6B466AF539F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572DBF51-E334-444B-B548-2539740E1D0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D3949-D212-4212-A651-07A631964448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2291E9C8-3816-49E6-843E-292686F5B6CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE03EB05-946B-4DCA-82F9-1A3C05AA069A",
"versionEndExcluding": "3.2\\(b\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0246716-64E9-4CCA-9546-A3A40D375E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5581E60-8144-4630-9545-8DC0B7AD44A1",
"versionEndExcluding": "1.1.4.179",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA77B46-C30C-4427-9401-6500B6221ACE",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9BF568-45B6-4087-8DB3-B806159AE075",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5581E60-8144-4630-9545-8DC0B7AD44A1",
"versionEndExcluding": "1.1.4.179",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA77B46-C30C-4427-9401-6500B6221ACE",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9BF568-45B6-4087-8DB3-B806159AE075",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente Cisco Fabric Services del software FXOS y Cisco NX-OS podr\u00eda permitir que un atacante remoto no autenticado cree una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no valida suficientemente los paquetes Cisco Fabric Services cuando el software procesa datos del paquete. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete Cisco Fabric Services maliciosamente manipulado a un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque un desbordamiento de b\u00fafer en el dispositivo que podr\u00eda provocar cierres inesperados de procesos y resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557."
}
],
"id": "CVE-2018-0311",
"lastModified": "2024-11-21T03:37:57.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:00.663",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-25 19:15
Modified
2024-11-21 06:43
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:mds_9506_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48D97F08-E133-4ED1-AB36-CB850BB5BDC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:mds_9513_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91D15185-34C9-4E87-8D9D-3C014FE93707",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:mds_9706_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3B2930-25A0-4B85-8F1D-71A12497109B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:mds_9710_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "564401F2-4F8B-44D4-BECB-DC675D37AABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:mds_9718_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2216AC-89A0-4928-95A5-905DCB3A4CD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_1000v_firmware:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B1E1F705-9245-4D59-A0E5-BC1D142B619E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3016_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C91269-1657-4181-9B95-BDF85BFFFCD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3016q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45BEF0CC-1944-43DD-8781-64DF63664412",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3048_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF530AE3-F80B-40EC-9259-4771EEAD431D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E6A0BD-102F-40C6-BD9A-1986D6F58212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064-32t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDB2DB1-43FD-4A3E-B193-56537FCFFDF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064-t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7A2723-6526-430C-BD39-9E32B1F37DBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "312E9E2F-A981-4E6B-A06A-CB92514412D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81213C5C-B1B4-4C6E-9792-99241C7C5034",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB895948-43AC-4406-B047-158135786440",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35A21858-D261-4662-83D9-3D4E982E009A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C86065-AAE1-4DF6-8147-E77FEF42E9EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100-z_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E62F1F-A7AD-4C42-8E6F-A7FA13E89DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A368E506-10CB-4856-8D91-E6C5FD5E29A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108pc-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D71782-16F9-41C9-BC10-BC514FD26129",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108pv-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59CA1EFB-BE3D-4428-B8AF-24C19348DF7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108tc-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E769CD-8F81-40AE-A071-84FAF92AF5C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31128pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB914738-4557-4EC3-8A18-810862877C72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132c-z_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7A4072-9F8B-4374-9F8A-B660220765FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "092FC6ED-9F53-41FF-9E0F-997D84B6DE3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A288C8F3-AD77-46CC-BAD2-D8FC186D6CC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCF14F6-D286-419C-8C7C-7058C4A7B9C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-x\\/3132q-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "555D7772-B0BE-47F9-849E-16D777E66DBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C735F2C0-DC4D-45DE-8BA9-439BAE5CFD67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3164q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7187F85E-FEBE-4D55-AC48-E92F05734169",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA0B58-FE79-4A33-B812-51CDE327A235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9439556B-B1CE-4B6E-8DD3-958BA0ABEA43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172pq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8030D5E-1BF4-485C-AFB7-B8DB48E0B91A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172pq\\/pq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F6DCCDB-436F-4406-9EC0-AE9A8DC9CF38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FB3414-3C5F-4827-B4F2-CF30EC31E0C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq-32t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45B4711C-322E-4B7B-8810-04BA8249B8BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE63209-E1F9-4933-8729-E350ADE42793",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA9CF53-57DB-49EA-9A51-782D1D73D37F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3232c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C6AB3-480D-46F6-BE72-0B0010EC34CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3232c__firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC111A6B-0910-4DC7-8270-A00CE508F1A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3264c-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9329DC07-0B6F-467C-AAA0-527D97E956B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3264q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C944B9-9492-45AA-9A4E-9CD6C996AF4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9467B09-285D-453A-808C-0993160F7356",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3408-s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC2930-4A1A-4916-912F-953440AA009A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_34180yc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2125C9A-7524-408C-B92E-91162FD4D72F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_34200yc-sm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87F885B6-7049-4152-B74C-6444137B4662",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3432d-s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B24EC0B3-E3FC-4908-AC7E-2E3DE073DC06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3464c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FFFDC6-BE3D-4E2D-B6F2-FD191DE4F9B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "502C8ADB-7EF2-4AC5-ACF0-AEA1ADA7A6BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5FBF-F5DF-4788-8683-E328D86E8733",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-x\\/xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23AE531C-FA97-4480-A29D-FBDA6C131031",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "186CB256-39AE-4D5A-B3FB-891A17785176",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0DAE9A-F2D3-49C3-8488-A3A03C1CEB57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "029F0A5A-43E4-4F3A-98A3-81E924CBE700",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-x\\/xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B024FA69-6816-4AE2-B440-00BE32813545",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD53F341-AE7D-4E45-9746-DAC32FE9F570",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_36180yc-r_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F849DEA-05C9-4562-AF6D-620AB5808718",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3636c-r_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E7A07D-DB48-414B-8615-9A76EB357A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5548p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A80F37-C04C-43A5-AC12-E15BAB8545F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5548up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "725A7AC7-8B75-47BC-8D99-701250E0ABE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5596t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E8B8C6-29B2-402E-A722-1E95C01E14AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5596up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A39FB96C-94E1-4686-82A7-E0A6D88A5A08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D031A5-1191-447F-8739-B86C2DA1C0C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_56128p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E154FCCB-A379-4384-8B72-7D373BFEEFE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5624q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2326C6-C523-4BE2-B577-D64091AB92CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5648q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060E7CD9-E906-437A-87B6-3AE0551E1DCB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5672up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAC471F-41AF-43A7-8661-DFA140DEC066",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5672up-16g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF92DBB-1618-4C8F-8DDE-594A39C007CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5696q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA530485-D6C8-4D5A-87A2-547DA8E74722",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "946780A2-0E50-4E39-BCBB-C6D853670244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6001_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E00C558-9656-451C-A179-17B1762666C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6001p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "471630B8-F703-4D50-9919-310A1CE062A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6001t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D57620-24E6-464A-8EFA-1E0758698E9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6004_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A738F9-41CD-4A6A-8975-4C434FBCF55D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6004x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "039B626B-5120-4592-84C3-CF094A661635",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD95BE95-244C-4CCE-90B7-5CB44B88D1D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_supervisor_1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F20D2F7-19CD-4F7E-ACCA-DB4BBF8A9ED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_supervisor_2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "438A401D-A22B-45F7-B5A7-696DD40BF1E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_supervisor_2e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1EF3FB-F7C2-46AB-BFA9-B2AD7AF05150",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7004_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "722715EA-FE17-4CDA-9ABB-DD53015E0DCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36145717-6348-466D-87B4-B1A19F17BA55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7009_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E88279AE-8C3D-47B3-A1CC-4B3265F28997",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25FC52B8-44F8-464B-A502-41242DE8EEC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBDCF9-562C-44BA-B709-F91346F6F99F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7018_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "378B32F9-974B-40C3-8F89-6FB9DA73D3A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276BD181-125C-48EC-984C-29BAE20C21F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2F075D-5073-4C45-B7DE-06D97B6E8C0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_supervisor_2e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2676CBA2-54D6-4939-B9CF-7A7A29436925",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_supervisor_3e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CA3171-77E1-420C-8C03-814600BA41EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC66BB4-40F0-4C7E-8147-63AF441023F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596B885-5312-489B-BBDB-A5374E525DE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7706_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60DDBBA7-B278-46DE-B6C3-5E7E3A5517FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EC10DA-FE01-4BA3-B49F-B164F697D4BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7710_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D45FA0-A8AA-4C50-A215-E65B3DDEDA0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1655CC-9BD5-4BD5-B113-776E4335D556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7718_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06AF62DC-37B5-49CC-ADAE-4348357BB0D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA6F9ED-50A1-4D61-BC83-438585646856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CE431C-3C51-4AC9-8B40-8BF6F2EFBDE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9000v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A719D3FD-19A6-4A1C-B915-D5E902176D4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290D9158-425B-479D-BAEE-90BCA8100FA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92160yc-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "839495E7-BE14-420C-87E7-7D76AC5B7E0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9221c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AEFE5C-3AFF-4D55-B707-27F3EF838D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92300yc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88AEE992-AB83-45FD-8FD6-F5B54BEA1743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92304qc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1DEB33-42FE-496F-9141-D59D3EDE34C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92348gc-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB3CCD1-EA00-490C-A530-D9E006CF432C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9236c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "782B50FA-AA05-46B6-8D53-7FDCD155A6C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9272q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "232AF611-9C43-471D-AF20-29D7CAC58B45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B963958-6529-439A-9E2C-85E48D7134C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A72454E-9962-46B1-A627-768D286E5E02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-ex-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26634D87-906D-46B7-B0C3-F022BE9391E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-fx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14A54BF7-F77C-48A9-B1E8-8DA907A6A414",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-fx-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19C35D2A-5F7F-463E-84EB-337BCD0BC0C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-fx3p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "790F2D92-3BA4-48AB-B36C-90D2759926E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93120tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0F72D8-7DC7-4D67-A67D-E25F5ADFC619",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93128_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A66237F-B283-4E87-86D2-23B100601954",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93128tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D895676C-9DF9-4583-8292-A9531FBB5FC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9316d-gx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD00C69-57B1-4A28-B956-2088904A2403",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180lc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F838539C-292F-4906-9965-4B1ED3B40B91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180tc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A820E7C-7562-4046-8FDE-42678A00C1A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCD23BF-8FF6-4CE7-AC49-2349DFF6E7F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-ex-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E83C34-42D1-49E6-9792-4D7E97417CCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D49D49-653A-418D-9D9D-F264F10BDC36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CEB67A-684A-4E38-9101-3BEA6249FFED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAAD9E8-EC29-47F8-AE0C-86F701BFF64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx3s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F379A314-72EB-462A-BEBF-57DC6689A558",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93216tc-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "216DA114-11E1-46C7-9211-2E171B979804",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93240yc-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6DA1CE4-69EA-4B8E-A386-C668D485B65F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9332c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "002E1E29-AB68-4E5E-ACD5-B78D7D0A00D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9332pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CB453B-FDC3-4342-ABEF-9D6A61E531AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93360yc-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21499B21-5A9B-4B78-9514-27E875762DBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9336c-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B701355-8844-4E94-B03E-1C6E66907335",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9336c-fx2-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA33865-A0F7-4D41-B5B4-3F763B64D424",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9336pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B387062F-0985-4AB8-A878-D9C84EAB7C3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9348gc-fxp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5486749C-C909-4262-A571-C012C3162BB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93600cd-gx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3B3728-6163-4BCE-AAF8-A748ABA21BB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9364c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4B08F5-0936-4971-9F63-AC2C34865EBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9364c-gx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D871E7B4-01EC-404A-B288-2D1A76D87AAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372px_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8202EFA2-A476-4D52-8380-7EB198765B61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372px-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848ADE0D-EECA-4D66-86C6-62CB6C04777C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45BE3F53-E4CA-44E4-88CD-B85A4D382A24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372tx-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0C3F0B-85DB-43B0-9409-167206EA7A34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9396px_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62EA73A0-064D-40E9-AE36-65BBF2F3B04B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9396tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D005D375-ADC8-43C3-9200-35C1D7E2E508",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500_supervisor_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8124470-21A4-4E6F-82B9-AA5A84A8DFFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500_supervisor_a\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE1E9E9-864B-4C73-A2DE-14781706384D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500_supervisor_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDA9DC0-57D1-4809-84A5-03F6AA40DF6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500_supervisor_b\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30D21355-FFF6-42F4-B7F9-0A7CC81E0240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500r_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F742F199-6C15-4A92-99F4-BCCABA1992BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9504_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "627C0AB6-BCF4-473B-B373-CD4B52F08CE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9508_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5986821B-B90F-4F4E-B8A8-51BD789DDF5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9516_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00A589A2-3162-4938-8BFA-A86463F3E664",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Cisco Discovery Protocol del software Cisco FXOS y el software Cisco NX-OS podr\u00eda permitir a un atacante adyacente no autenticado ejecutar c\u00f3digo arbitrario con privilegios de root o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobaci\u00f3n de entrada inapropiada de valores espec\u00edficos que son encontrados dentro de un mensaje de Cisco Discovery Protocol. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete malicioso de Cisco Discovery Protocol a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios de root o hacer al proceso de Cisco Discovery Protocol bloquearse y reiniciarse varias veces, lo que har\u00eda que el dispositivo afectado sea recargado, resultando en una condici\u00f3n de DoS. Nota: Cisco Discovery Protocol es un protocolo de capa 2. Para aprovechar esta vulnerabilidad, un atacante debe estar en el mismo dominio de difusi\u00f3n que el dispositivo afectado (capa 2 adyacente)."
}
],
"id": "CVE-2022-20824",
"lastModified": "2024-11-21T06:43:37.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T19:15:08.217",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220923-0001/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220923-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-03 15:29
Modified
2024-11-21 04:36
Severity ?
8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The vulnerability is due to insufficient TLS client certificate validations for certificates sent between the various components of an ACI fabric. An attacker who has possession of a certificate that is trusted by the Cisco Manufacturing CA and the corresponding private key could exploit this vulnerability by presenting a valid certificate while attempting to connect to the targeted device. An exploit could allow the attacker to gain full control of all other components within the ACI fabric of an affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 8.3\(0\)sk\(0.39\) | |
| cisco | nx-os | 14.1\(0.90\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9508 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(0\\)sk\\(0.39\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39E9A017-225B-4FCB-A5AA-8CEA1435A1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(0.90\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CCA9D39-6270-4EEC-B3C0-D33877C503A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The vulnerability is due to insufficient TLS client certificate validations for certificates sent between the various components of an ACI fabric. An attacker who has possession of a certificate that is trusted by the Cisco Manufacturing CA and the corresponding private key could exploit this vulnerability by presenting a valid certificate while attempting to connect to the targeted device. An exploit could allow the attacker to gain full control of all other components within the ACI fabric of an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de validaci\u00f3n de certificados de Transport Layer Security (TLS) del software Nexus 9000 Series Switch de Cisco en modo Application Centric Infrastructure (ACI), podr\u00eda permitir a un atacante remoto no autenticado realizar una autenticaci\u00f3n no segura del cliente TLS en un dispositivo afectado. La vulnerabilidad es debido a que son insuficientes las validaciones de certificados del cliente TLS para los certificados enviados entre los distintos componentes de un ACI fabric. Un atacante que posea un certificado en el que conf\u00ede Cisco Manufacturing CA y la clave privada correspondiente podr\u00eda explotar esta vulnerabilidad presentando un certificado v\u00e1lido mientras intenta conectarse al dispositivo de destino. Un exploit podr\u00eda permitirle al atacante conseguir el control total de todos los dem\u00e1s componentes dentro del tejido ACI de un dispositivo afectado."
}
],
"id": "CVE-2019-1590",
"lastModified": "2024-11-21T04:36:52.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-03T15:29:00.587",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-insecure-fabric"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-insecure-fabric"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-06 10:59
Modified
2024-11-21 02:46
Severity ?
Summary
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/93417 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1036950 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93417 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036950 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB47B822-A7B9-476C-9E4B-3CE4DFFFC773",
"versionEndExcluding": "6.0\\(2\\)u6\\(7\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833C6207-758F-400C-B7D5-785EA9ABFB16",
"versionEndExcluding": "7.0\\(3\\)i4\\(1\\)",
"versionStartIncluding": "6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C2141E-5E85-48FF-A943-3738E1BCB66B",
"versionEndExcluding": "7.1\\(4\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF84E65C-9C89-4B70-B0A1-1E2D321669B8",
"versionEndExcluding": "7.2\\(2\\)n1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7805FDE-707F-4962-8425-4ADF1BEE18A1",
"versionEndExcluding": "7.3\\(0\\)n1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05F23216-2704-48DE-90AD-3D779C1773F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0113ED40-1D88-4F73-AB6B-FA33A4A6F80A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5811A16-161B-4C17-AC71-93CF53A7B2E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "355F2487-B51E-49A6-88B1-DF0BA826B896",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736C78B5-EE17-432A-9EAE-02543A12C174",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87396D43-398D-4262-B195-9AF90A8E3BF9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2113D681-B5CA-4C89-B072-67778753E885",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3341B59-C9DC-4152-AF41-5CFFE54D877B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE3E3B1-6269-40CF-9C79-87BB2756C25E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E574BDD-0A58-42A5-9046-DF48C2502B3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9D6862-7F78-47D2-B273-8EE4EAE216F5",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA46BF2A-EBD2-4209-9BA0-10E91731546B",
"versionEndExcluding": "7.2\\(2\\)d1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "711D9952-EEDA-443A-9950-DDE17532C8AE",
"versionEndExcluding": "7.3\\(1\\)d1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07CE8677-C7A8-4C14-A375-B345A3A1F75B",
"versionEndExcluding": "5.2\\(1\\)sv3\\(1.15\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v_for_vmware_vsphere:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFEFE545-DDDC-491C-8F47-DEC79C735873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833C6207-758F-400C-B7D5-785EA9ABFB16",
"versionEndExcluding": "7.0\\(3\\)i4\\(1\\)",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB693F6F-3D70-43C1-88F8-B38F22522288",
"versionEndExcluding": "11.1\\(1j\\)",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31BCBC21-1B0A-46D4-AF49-D90DB842147E",
"versionEndExcluding": "6.0\\(2\\)a8\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417."
},
{
"lang": "es",
"value": "Cisco NX-OS 4.0 hasta la versi\u00f3n 7.3 y 11.0 hasta la versi\u00f3n 11.2 en dispositivos 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) aprovechando una relaci\u00f3n entre iguales para enviar un mensaje BGP UPDATE manipulado, vulnerabilidad tambi\u00e9n conocida como Bug IDs CSCuq77105 y CSCux11417."
}
],
"id": "CVE-2016-1454",
"lastModified": "2024-11-21T02:46:28.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-06T10:59:03.913",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93417"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036950"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:44
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of available buffers, impairing operations of control plane and management plane protocols and resulting in a DoS condition. Manual intervention would be required to restore normal operations on the affected device. For more information about the impact of this vulnerability, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_computing_system | * | |
| cisco | unified_computing_system | * | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(0\)n1\(1\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1b\) | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5672up-16g | - | |
| cisco | nexus_5696q | - | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(1\) | |
| cisco | nx-os | 6.0\(2\)a6\(1a\) | |
| cisco | nx-os | 6.0\(2\)a6\(2\) | |
| cisco | nx-os | 6.0\(2\)a6\(2a\) | |
| cisco | nx-os | 6.0\(2\)a6\(3\) | |
| cisco | nx-os | 6.0\(2\)a6\(3a\) | |
| cisco | nx-os | 6.0\(2\)a6\(4\) | |
| cisco | nx-os | 6.0\(2\)a6\(4a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5\) | |
| cisco | nx-os | 6.0\(2\)a6\(5a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5b\) | |
| cisco | nx-os | 6.0\(2\)a6\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(7\) | |
| cisco | nx-os | 6.0\(2\)a6\(8\) | |
| cisco | nx-os | 6.0\(2\)a7\(1\) | |
| cisco | nx-os | 6.0\(2\)a7\(1a\) | |
| cisco | nx-os | 6.0\(2\)a7\(2\) | |
| cisco | nx-os | 6.0\(2\)a7\(2a\) | |
| cisco | nx-os | 6.0\(2\)a8\(1\) | |
| cisco | nx-os | 6.0\(2\)a8\(2\) | |
| cisco | nx-os | 6.0\(2\)a8\(3\) | |
| cisco | nx-os | 6.0\(2\)a8\(4\) | |
| cisco | nx-os | 6.0\(2\)a8\(4a\) | |
| cisco | nx-os | 6.0\(2\)a8\(5\) | |
| cisco | nx-os | 6.0\(2\)a8\(6\) | |
| cisco | nx-os | 6.0\(2\)a8\(7\) | |
| cisco | nx-os | 6.0\(2\)a8\(7a\) | |
| cisco | nx-os | 6.0\(2\)a8\(7b\) | |
| cisco | nx-os | 6.0\(2\)a8\(8\) | |
| cisco | nx-os | 6.0\(2\)a8\(9\) | |
| cisco | nx-os | 6.0\(2\)a8\(10\) | |
| cisco | nx-os | 6.0\(2\)a8\(10a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11\) | |
| cisco | nx-os | 6.0\(2\)a8\(11a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11b\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.0\(2\)u5\(2\) | |
| cisco | nx-os | 6.0\(2\)u5\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(4\) | |
| cisco | nx-os | 6.0\(2\)u6\(1\) | |
| cisco | nx-os | 6.0\(2\)u6\(1a\) | |
| cisco | nx-os | 6.0\(2\)u6\(2\) | |
| cisco | nx-os | 6.0\(2\)u6\(2a\) | |
| cisco | nx-os | 6.0\(2\)u6\(3\) | |
| cisco | nx-os | 6.0\(2\)u6\(3a\) | |
| cisco | nx-os | 6.0\(2\)u6\(4\) | |
| cisco | nx-os | 6.0\(2\)u6\(4a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5\) | |
| cisco | nx-os | 6.0\(2\)u6\(5a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5b\) | |
| cisco | nx-os | 6.0\(2\)u6\(5c\) | |
| cisco | nx-os | 6.0\(2\)u6\(6\) | |
| cisco | nx-os | 6.0\(2\)u6\(7\) | |
| cisco | nx-os | 6.0\(2\)u6\(8\) | |
| cisco | nx-os | 6.0\(2\)u6\(9\) | |
| cisco | nx-os | 6.0\(2\)u6\(10\) | |
| cisco | nx-os | 6.0\(2\)u6\(10a\) | |
| cisco | nx-os | 7.0\(3\)f3\(1\) | |
| cisco | nx-os | 7.0\(3\)f3\(2\) | |
| cisco | nx-os | 7.0\(3\)f3\(3\) | |
| cisco | nx-os | 7.0\(3\)f3\(3a\) | |
| cisco | nx-os | 7.0\(3\)f3\(3c\) | |
| cisco | nx-os | 7.0\(3\)f3\(4\) | |
| cisco | nx-os | 7.0\(3\)f3\(5\) | |
| cisco | nx-os | 7.0\(3\)i2\(1\) | |
| cisco | nx-os | 7.0\(3\)i2\(1a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2\) | |
| cisco | nx-os | 7.0\(3\)i2\(2a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2b\) | |
| cisco | nx-os | 7.0\(3\)i2\(2c\) | |
| cisco | nx-os | 7.0\(3\)i2\(2d\) | |
| cisco | nx-os | 7.0\(3\)i2\(2e\) | |
| cisco | nx-os | 7.0\(3\)i2\(2r\) | |
| cisco | nx-os | 7.0\(3\)i2\(2s\) | |
| cisco | nx-os | 7.0\(3\)i2\(2v\) | |
| cisco | nx-os | 7.0\(3\)i2\(2w\) | |
| cisco | nx-os | 7.0\(3\)i2\(2x\) | |
| cisco | nx-os | 7.0\(3\)i2\(2y\) | |
| cisco | nx-os | 7.0\(3\)i2\(3\) | |
| cisco | nx-os | 7.0\(3\)i2\(4\) | |
| cisco | nx-os | 7.0\(3\)i2\(5\) | |
| cisco | nx-os | 7.0\(3\)i3\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1t\) | |
| cisco | nx-os | 7.0\(3\)i4\(2\) | |
| cisco | nx-os | 7.0\(3\)i4\(3\) | |
| cisco | nx-os | 7.0\(3\)i4\(4\) | |
| cisco | nx-os | 7.0\(3\)i4\(5\) | |
| cisco | nx-os | 7.0\(3\)i4\(6\) | |
| cisco | nx-os | 7.0\(3\)i4\(6t\) | |
| cisco | nx-os | 7.0\(3\)i4\(7\) | |
| cisco | nx-os | 7.0\(3\)i4\(8\) | |
| cisco | nx-os | 7.0\(3\)i4\(8a\) | |
| cisco | nx-os | 7.0\(3\)i4\(8b\) | |
| cisco | nx-os | 7.0\(3\)i4\(8z\) | |
| cisco | nx-os | 7.0\(3\)i4\(9\) | |
| cisco | nx-os | 7.0\(3\)i5\(1\) | |
| cisco | nx-os | 7.0\(3\)i5\(2\) | |
| cisco | nx-os | 7.0\(3\)i5\(3\) | |
| cisco | nx-os | 7.0\(3\)i5\(3a\) | |
| cisco | nx-os | 7.0\(3\)i5\(3b\) | |
| cisco | nx-os | 7.0\(3\)i6\(1\) | |
| cisco | nx-os | 7.0\(3\)i6\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(1\) | |
| cisco | nx-os | 7.0\(3\)i7\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(3\) | |
| cisco | nx-os | 7.0\(3\)i7\(3z\) | |
| cisco | nx-os | 7.0\(3\)i7\(4\) | |
| cisco | nx-os | 7.0\(3\)i7\(5\) | |
| cisco | nx-os | 7.0\(3\)i7\(5a\) | |
| cisco | nx-os | 7.0\(3\)i7\(6\) | |
| cisco | nx-os | 7.0\(3\)i7\(6z\) | |
| cisco | nx-os | 7.0\(3\)i7\(7\) | |
| cisco | nx-os | 7.0\(3\)i7\(8\) | |
| cisco | nx-os | 7.0\(3\)ic4\(4\) | |
| cisco | nx-os | 7.0\(3\)im7\(2\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3016q | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-32t | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_3064-x | - | |
| cisco | nexus_3064t | - | |
| cisco | nexus_3064x | - | |
| cisco | nexus_3100-v | - | |
| cisco | nexus_3100-z | - | |
| cisco | nexus_3100v | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108pv-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132c-z | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3132q-x | - | |
| cisco | nexus_3132q-xl | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3172pq | - | |
| cisco | nexus_3172pq-xl | - | |
| cisco | nexus_3172tq | - | |
| cisco | nexus_3172tq-32t | - | |
| cisco | nexus_3172tq-xl | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264c-e | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3408-s | - | |
| cisco | nexus_34180yc | - | |
| cisco | nexus_34200yc-sm | - | |
| cisco | nexus_3432d-s | - | |
| cisco | nexus_3464c | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548 | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nexus_36180yc-r | - | |
| cisco | nexus_3636c-r | - | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(0\)n1\(1\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1b\) | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6001p | - | |
| cisco | nexus_6001t | - | |
| cisco | nexus_6004 | - | |
| cisco | nexus_6004x | - | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(1\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(6\)d1\(1\) | |
| cisco | nx-os | 8.0\(1\) | |
| cisco | nx-os | 8.1\(1\) | |
| cisco | nx-os | 8.1\(2\) | |
| cisco | nx-os | 8.1\(2a\) | |
| cisco | nx-os | 8.2\(1\) | |
| cisco | nx-os | 8.2\(2\) | |
| cisco | nx-os | 8.2\(3\) | |
| cisco | nx-os | 8.2\(4\) | |
| cisco | nx-os | 8.2\(5\) | |
| cisco | nx-os | 8.3\(1\) | |
| cisco | nx-os | 8.3\(2\) | |
| cisco | nx-os | 8.4\(1\) | |
| cisco | nx-os | 8.4\(2\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7004 | - | |
| cisco | nexus_7009 | - | |
| cisco | nexus_7010 | - | |
| cisco | nexus_7018 | - | |
| cisco | nexus_7700 | - | |
| cisco | nexus_7702 | - | |
| cisco | nexus_7706 | - | |
| cisco | nexus_7710 | - | |
| cisco | nexus_7718 | - | |
| cisco | nx-os | 7.0\(3\)f1\(1\) | |
| cisco | nx-os | 7.0\(3\)f2\(1\) | |
| cisco | nx-os | 7.0\(3\)f2\(2\) | |
| cisco | nx-os | 7.0\(3\)f3\(1\) | |
| cisco | nx-os | 7.0\(3\)f3\(3\) | |
| cisco | nx-os | 7.0\(3\)f3\(3a\) | |
| cisco | nx-os | 7.0\(3\)f3\(3c\) | |
| cisco | nx-os | 7.0\(3\)f3\(4\) | |
| cisco | nx-os | 7.0\(3\)f3\(5\) | |
| cisco | nx-os | 7.0\(3\)i2\(1\) | |
| cisco | nx-os | 7.0\(3\)i2\(1a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2\) | |
| cisco | nx-os | 7.0\(3\)i2\(2a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2b\) | |
| cisco | nx-os | 7.0\(3\)i2\(2c\) | |
| cisco | nx-os | 7.0\(3\)i2\(2d\) | |
| cisco | nx-os | 7.0\(3\)i2\(2e\) | |
| cisco | nx-os | 7.0\(3\)i2\(2r\) | |
| cisco | nx-os | 7.0\(3\)i2\(2s\) | |
| cisco | nx-os | 7.0\(3\)i2\(2v\) | |
| cisco | nx-os | 7.0\(3\)i2\(2w\) | |
| cisco | nx-os | 7.0\(3\)i2\(2x\) | |
| cisco | nx-os | 7.0\(3\)i2\(2y\) | |
| cisco | nx-os | 7.0\(3\)i2\(3\) | |
| cisco | nx-os | 7.0\(3\)i2\(4\) | |
| cisco | nx-os | 7.0\(3\)i2\(5\) | |
| cisco | nx-os | 7.0\(3\)i3\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1t\) | |
| cisco | nx-os | 7.0\(3\)i4\(2\) | |
| cisco | nx-os | 7.0\(3\)i4\(3\) | |
| cisco | nx-os | 7.0\(3\)i4\(4\) | |
| cisco | nx-os | 7.0\(3\)i4\(5\) | |
| cisco | nx-os | 7.0\(3\)i4\(6\) | |
| cisco | nx-os | 7.0\(3\)i4\(6t\) | |
| cisco | nx-os | 7.0\(3\)i4\(7\) | |
| cisco | nx-os | 7.0\(3\)i4\(8\) | |
| cisco | nx-os | 7.0\(3\)i4\(8a\) | |
| cisco | nx-os | 7.0\(3\)i4\(8b\) | |
| cisco | nx-os | 7.0\(3\)i4\(8z\) | |
| cisco | nx-os | 7.0\(3\)i4\(9\) | |
| cisco | nx-os | 7.0\(3\)i5\(1\) | |
| cisco | nx-os | 7.0\(3\)i5\(2\) | |
| cisco | nx-os | 7.0\(3\)i5\(3\) | |
| cisco | nx-os | 7.0\(3\)i5\(3a\) | |
| cisco | nx-os | 7.0\(3\)i5\(3b\) | |
| cisco | nx-os | 7.0\(3\)i6\(1\) | |
| cisco | nx-os | 7.0\(3\)i6\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(1\) | |
| cisco | nx-os | 7.0\(3\)i7\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(3\) | |
| cisco | nx-os | 7.0\(3\)i7\(3z\) | |
| cisco | nx-os | 7.0\(3\)i7\(4\) | |
| cisco | nx-os | 7.0\(3\)i7\(5\) | |
| cisco | nx-os | 7.0\(3\)i7\(5a\) | |
| cisco | nx-os | 7.0\(3\)i7\(6\) | |
| cisco | nx-os | 7.0\(3\)i7\(7\) | |
| cisco | nx-os | 7.0\(3\)i7\(8\) | |
| cisco | nx-os | 7.0\(3\)ia7\(1\) | |
| cisco | nx-os | 7.0\(3\)ia7\(2\) | |
| cisco | nx-os | 7.0\(3\)ic4\(4\) | |
| cisco | nx-os | 7.0\(3\)im3\(1\) | |
| cisco | nx-os | 7.0\(3\)im3\(2\) | |
| cisco | nx-os | 7.0\(3\)im3\(2a\) | |
| cisco | nx-os | 7.0\(3\)im3\(2b\) | |
| cisco | nx-os | 7.0\(3\)im3\(3\) | |
| cisco | nexus_9000v | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92160yc_switch | - | |
| cisco | nexus_9221c | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-ex-24 | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93108tc-fx-24 | - | |
| cisco | nexus_93108tc-fx3p | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128 | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9316d-gx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180tc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-ex-24 | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93180yc-fx-24 | - | |
| cisco | nexus_93180yc-fx3 | - | |
| cisco | nexus_93180yc-fx3s | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336c-fx2-e | - | |
| cisco | nexus_9336pq | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_93600cd-gx | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9364c-gx | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9500r | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC34964-74FD-4C42-9C0C-4B7DD0C7D439",
"versionEndExcluding": "4.0\\(4k\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA70855-5DC0-4240-895B-D3A77F964C63",
"versionEndExcluding": "4.1\\(1e\\)",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58292522-F486-410D-AD99-DFD6EC0AA9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A462729A-720F-4180-96DD-713A70CEF494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A07ACF87-C694-41DB-B4BD-23CE72E32EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "832DE1DB-0D1C-4C24-8E2D-D182205C94B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0FBFB9B-703D-42F8-93BA-969AB7284106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C95519E-7536-4EF7-8222-D4089500F826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71F56568-57E6-4C1C-AC8A-D96E097E449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F631EAC6-1D33-485E-9E00-8572FA015C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "25CEAE9E-DD9B-41E2-BC39-3332F428B489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE199525-4C2D-48C2-A76C-BD14BF2851F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E3644F66-F964-4D50-A6E0-EE8784490BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72AD166D-7CBF-4A4D-A376-907DDA1BB504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C801D4A-E604-49CA-8D14-13622E85C563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC78BEB7-47D1-4544-BC40-AB5D73B93D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEB91EC-E548-4C53-920F-C4871BC464B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0282F963-2C1F-44F7-A0D0-4929685051AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1F519D0-64BC-4862-8894-4F6C248253C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94A247A8-E918-4757-9ADE-251B027CD307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "195CD630-4949-4B52-B9FF-94F3DEFB47AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "225E5070-B635-4752-B771-0E721C96C2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9103A92E-C9F3-401B-AE30-66466210ADED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9E5CD729-234E-43C0-A6A3-A3E0983A6605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A30E576-56F8-4EBA-AADE-C70655DE6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74415A0A-A3F4-43BB-B609-B6641771D655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B5ED7424-EB12-4C21-97C8-082156716C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16359104-2DB6-41D6-97A8-8CA1C3AB5688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E485E99D-F421-487D-86E7-A2D119623D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94AA886F-7BD1-4699-B1D3-E495EFCA2812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569B3CE7-CA06-4636-8043-7ED7635195A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "41A683FE-68AF-43E4-B846-2E82ACDD5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C8B149C-D842-496A-BE21-41920F95139C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D72F0B8-D229-4995-A053-62FA6591DCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8025943-EA09-47E6-9109-7DAF078F8F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A727000-44CC-461C-A7D6-0B9A99CB974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "105B6601-D756-4B76-9554-5B6E027A5E8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B1340D1-8EE8-484F-979A-AB9E34D35EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF1257BF-D534-4899-937F-DCBD033A7D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86E5CF27-5661-41DF-B339-740718760AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0D110-D8D7-4D50-A599-618A5120EDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "586E9024-C983-4CFF-9A3F-A39256E09910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2B7951C-8376-49C3-BF50-E6B65909A739",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF658ED7-F77C-405B-B06A-74B46FBDAD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7295EC54-FA19-4658-8510-3C072804D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B31E39D5-147B-4965-ACB6-34F1244143F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D672928-6AE8-488B-A2A5-257074BAB2D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E64D8992-CA79-4ADF-BF3B-A76E944EC740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11A35378-54EB-422F-B0DD-211B214803D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E46D326-665C-4DB7-89A0-0F1B987D4A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73B9FE4E-0C82-4511-9A4A-DCBFEB93DE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BB8F0200-7BCA-49E9-98E0-D825630D77FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61FCA143-FDAB-472D-B9E1-F7CB4041BBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61F736DD-44FE-4A20-AF89-4B29725608A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8844860D-427F-4B01-980A-59B082F26034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CCA96B43-0793-4784-A971-DD442EBFF6BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B13305C9-008F-488A-ADC7-0724AFB313DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50DFAF49-0688-4A5A-9023-E2543164D89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46376F5C-2CF0-46F1-ADCF-870065A24D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5EB6C0E3-9B92-4768-93BB-8B8626EB164A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4EA572E-5F4F-45F1-B7A1-346F723C2BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6EA3CBB-EAF7-4837-96AF-0258220C4A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E6FB730-84CD-496D-9140-BC9375548D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD712B88-298A-4488-A053-67CB45190F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4ED5F397-D3E6-4A4A-BF38-6B295A6AB9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11D98EBD-9D82-492E-A3A6-62D95404D5C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56D91C38-76AB-47F5-BDDE-E940D87C34F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF78015A-5C28-4FD2-915E-EC343201A9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31308B18-062C-4DB8-9241-F15661C06398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED17D340-9C18-4B1E-BA15-CAE2ADAAD38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "310856A9-CA62-4C1A-A4C9-B6EECC36F496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D295366-662E-4C8E-9758-3DB801E0ABA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F09360A9-3FB1-465F-977E-643942D01FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A97A6BE-A27A-4D53-AB63-2A2631F20EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F034BF4-31E6-46FB-B082-EA22FFE51AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "063BB311-EC8D-43E5-9B9D-56C96121EB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "003AAC03-306E-4D12-B4C7-7ECA4ED88884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DAA33-3841-4C14-A137-93E1810CC866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ACD5B480-2780-48EB-B361-4EF4833D97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0500999-E48F-4FE1-9B92-C1E179651CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "629488D4-D8A4-4152-A4D3-E951F199C6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D8F0A63-8229-46E8-94A6-CDBB1E8F91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FAD3C773-0B71-4FF2-9DCD-2875CFDE3308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B07F6A0D-82C3-4C2C-9715-3D07083E6F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03901678-2CCB-4ED5-AF04-D8469BF12804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA600413-FC70-4776-99DF-180C96D4FD24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ECC9066F-3082-48A0-BA52-9ED9420EA47A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "78611E25-E33E-4C88-A681-97B5A2A01B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "780B04ED-412E-441F-8717-D8F9257F5699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD2AABBD-8680-4615-A4E2-B607CB1B0979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "693F444B-FA34-489C-BB45-E9185DE47816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13669043-3F12-4439-812F-6DE35F70B159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58A8BDE0-2F73-4E0C-B73A-918DB3352067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "625BE6B1-12A7-4A8A-A816-E82C026E0457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC2920-462B-44F0-8E93-7875C2F74592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35957A41-D8F2-4BC1-986B-C3E271327D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10BFAE68-01C5-4EF8-8B86-F470092E9034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D02FC11-EB21-45CD-A070-89C4862240BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C67AE59-380A-402B-9B2A-F595E001637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4301927C-7A6D-4DA9-9470-9182E7FB234A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C71ED401-6786-4AAE-A98F-BE4732256A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B5EC76-A4A7-41C0-9F37-5EC85FD1EB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "66BC7FC9-1167-41C5-9B0E-7D68400F3C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6EB46CC-2939-4326-8CB9-504D7C7EF05E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8845147E-D3B1-41B9-BBD2-77B2823F3AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F7B2F23-F532-40D2-884E-D86785B33296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1FC4F349-9E1C-4DD8-BC07-6CB67053BCDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D498C133-AA11-49C4-B065-F27CE776D318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08032AAC-F094-4717-A56F-89289FBD1F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5ADD4D3-206C-4609-AB2A-F6945D56627B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07645F73-AC79-4BB8-A98E-1740F7D6EC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9DC56869-4665-49D1-89F2-8ED97727BD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "147D1A4A-6404-47E3-B1A6-4C001C8DD9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1162691A-6C92-448A-8F1B-2DEFB623F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57524BA3-CF08-4F0F-95C9-F1417B4B83E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0E214C2-24CF-43EC-BC27-2E6AA77254DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB0D74A0-C4B2-46EC-A9FF-562A997E3150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "817A45B4-7C79-4D1A-B889-18A937CF8361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "155F3CB7-A85B-4897-A4E2-F485FDF44AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9D34CAB5-0832-45B1-B13F-49B763AFB74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C0DB182-F37A-4230-BD6F-461C3195FAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "065A0E6C-E0BD-4BD1-97EB-723EC4BDFA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45A37F82-44B3-426C-A344-9054599BB426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53378B5F-4A5B-425D-B8BE-455FAF924551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "076216C6-C115-4C7C-A9E3-46A3986DA2AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A819AE96-3933-4AD2-AF30-36E199393E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C8C0FF6-E9E5-4191-8C21-E8CB3F6BF7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2BA7EF9-FDA1-4A2D-88B2-67042367C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2FBF6CB-DE31-453D-BF47-89D0766D3020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "046E260B-F842-41BA-914B-ACD7B71AB62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAF537FC-B681-4F52-9324-9A4AC29651AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6B2E736-F9D2-453A-9998-38800CC875F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3E8CEAC9-1C53-46A6-A18A-2A970D587C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "851E1B4E-40C4-4639-8FC6-C9DEC6FB2744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C24518B-D2D5-471A-BB19-B839792607D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D93FA53-ADC0-4031-B693-84111E1EEDC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B3E4490-6DD8-44BE-A681-105F526AE6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E02F54C2-C551-4FC4-A6FF-737CFD465D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77C98C47-688B-404B-A6CD-96AD5C0FD7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2y\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D20DDF8-145B-443D-8D92-404F574929F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E5FED85-FDCD-44BE-9C38-53F6EF6212EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED4C8DC0-0DBF-410E-ABC7-53CD5AD04EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6AA776A7-40B3-4104-8F55-1B905D36653A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DBAC49A1-91FC-4D55-BD74-42C918CCFDC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4142F873-0492-4ACC-88F9-3A243128D0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAEFC7FE-718E-4544-A86B-3243C2C14EDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30A500F4-1899-4F96-98E3-9330146A7963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE52C974-3930-4AC9-907B-8E6B325D6A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FAD07DE9-5C98-4A63-A741-8E69E9F125D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D1D8118-6E39-44B5-ABD7-B7ED3A80766D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A35B6DA-BF07-4579-8D6A-65CD8E052482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF0B3DB8-8121-4FDC-8A11-42AB619101EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70830AB5-C86B-4726-A982-6F104910153E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0904B27-2FA3-4B8D-9706-98B0376B5FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1D86994-83EE-4D09-B79A-70CB22C077C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "654694A7-394C-4843-9197-91FC00445E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1798EAC2-026C-4757-860F-D7417A2BA881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD83DA54-DF65-4837-90AD-837F75412E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00953B63-7DBB-4A67-B41D-321C2ECDE79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9388C2C-75F4-487F-A7D8-4E17FD39A166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80B54786-DA2A-4E2D-9835-6A7939931928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7688EC58-4647-4A08-9E86-A71EA7C41B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E7DA901-990A-4388-9B72-943E77269B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5AD2254-158D-4BEE-B36C-242813F4BA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4480D800-595F-44CB-85ED-7E17A34A5BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD015889-3893-4781-B18D-6125A9B6CE39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E355839-76C1-4D48-9892-53EEADD2B629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89541F84-0C10-4757-8D25-80FC4464EC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "371AEAF3-39CA-4837-BA5A-D80826933C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "259F3DCA-D218-4CF1-9CB4-23ECB070719F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "32EB01A2-9A00-4EFF-80F0-D192C79B1489",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58292522-F486-410D-AD99-DFD6EC0AA9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A462729A-720F-4180-96DD-713A70CEF494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A07ACF87-C694-41DB-B4BD-23CE72E32EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "832DE1DB-0D1C-4C24-8E2D-D182205C94B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0FBFB9B-703D-42F8-93BA-969AB7284106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C95519E-7536-4EF7-8222-D4089500F826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71F56568-57E6-4C1C-AC8A-D96E097E449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F631EAC6-1D33-485E-9E00-8572FA015C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "25CEAE9E-DD9B-41E2-BC39-3332F428B489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE199525-4C2D-48C2-A76C-BD14BF2851F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E3644F66-F964-4D50-A6E0-EE8784490BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72AD166D-7CBF-4A4D-A376-907DDA1BB504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C801D4A-E604-49CA-8D14-13622E85C563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC78BEB7-47D1-4544-BC40-AB5D73B93D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEB91EC-E548-4C53-920F-C4871BC464B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0282F963-2C1F-44F7-A0D0-4929685051AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1F519D0-64BC-4862-8894-4F6C248253C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94A247A8-E918-4757-9ADE-251B027CD307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "195CD630-4949-4B52-B9FF-94F3DEFB47AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "225E5070-B635-4752-B771-0E721C96C2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9103A92E-C9F3-401B-AE30-66466210ADED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9E5CD729-234E-43C0-A6A3-A3E0983A6605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A30E576-56F8-4EBA-AADE-C70655DE6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74415A0A-A3F4-43BB-B609-B6641771D655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B5ED7424-EB12-4C21-97C8-082156716C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16359104-2DB6-41D6-97A8-8CA1C3AB5688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E485E99D-F421-487D-86E7-A2D119623D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94AA886F-7BD1-4699-B1D3-E495EFCA2812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569B3CE7-CA06-4636-8043-7ED7635195A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "41A683FE-68AF-43E4-B846-2E82ACDD5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C8B149C-D842-496A-BE21-41920F95139C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D72F0B8-D229-4995-A053-62FA6591DCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8025943-EA09-47E6-9109-7DAF078F8F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A727000-44CC-461C-A7D6-0B9A99CB974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "105B6601-D756-4B76-9554-5B6E027A5E8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B1340D1-8EE8-484F-979A-AB9E34D35EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF1257BF-D534-4899-937F-DCBD033A7D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86E5CF27-5661-41DF-B339-740718760AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0D110-D8D7-4D50-A599-618A5120EDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "586E9024-C983-4CFF-9A3F-A39256E09910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2B7951C-8376-49C3-BF50-E6B65909A739",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6BF973CD-3315-4D86-8F89-05DC97C736AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C18A0045-87F3-4782-81C5-0BF615EA9346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2768DEF1-3DFA-4683-9D8D-C5915D8E7365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CD05045-E867-4B7E-ACE4-7B6EA69971AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF9B10D1-29C0-4B16-813A-B535C4C64E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84551391-3A13-42EC-855F-FBB3453F65D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FADC755B-3AB3-43D6-8495-1FABCBD548E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "42D84BD8-D76B-422E-9E46-4A667A981FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03607526-7F9E-43F5-94ED-3ED0B4D29DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98FC292D-27D3-40CF-98C5-AF47686FC134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C23B353-3500-4FA4-90CE-624A29B1048F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29002523-6405-4198-A5E5-630A4B661767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF0DFA7E-9B40-4E82-9EB9-886C79B2D61C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C83E090-7C99-465A-A477-C2949B137720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "298709C4-69BF-48BA-A317-4251B5461A0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EF15089-A16E-47CC-AB52-78AB85F681BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3FB0B238-4F3A-4569-89B0-ED80533D87C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF90B861-F48B-45DF-ACB8-F91030106181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAB301FC-988F-4FC3-A097-E926E541F098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CFA19E0-0121-4422-83AF-94039520A0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03201B37-841C-432F-8643-352833381373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6B8E31F-6B33-43E0-9585-5736D54FE876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C828C0E-99E6-4DEF-9EB3-672DEB61F479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2636B1F1-8C40-44A4-B96B-C84EC244685E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "411B58EB-2BCD-47CA-AB5A-538BCEAEF75F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36145717-6348-466D-87B4-B1A19F17BA55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBDCF9-562C-44BA-B709-F91346F6F99F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276BD181-125C-48EC-984C-29BAE20C21F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596B885-5312-489B-BBDB-A5374E525DE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EC10DA-FE01-4BA3-B49F-B164F697D4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1655CC-9BD5-4BD5-B113-776E4335D556",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA6F9ED-50A1-4D61-BC83-438585646856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21F43A5A-52A2-4094-8D36-39450B8F0E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "674D15C8-3946-4C2F-9B62-BC6E5BC67673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "990FA11F-5158-4717-B716-C5D6D2D23D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53378B5F-4A5B-425D-B8BE-455FAF924551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "076216C6-C115-4C7C-A9E3-46A3986DA2AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A819AE96-3933-4AD2-AF30-36E199393E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C8C0FF6-E9E5-4191-8C21-E8CB3F6BF7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2BA7EF9-FDA1-4A2D-88B2-67042367C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2FBF6CB-DE31-453D-BF47-89D0766D3020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "046E260B-F842-41BA-914B-ACD7B71AB62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAF537FC-B681-4F52-9324-9A4AC29651AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6B2E736-F9D2-453A-9998-38800CC875F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3E8CEAC9-1C53-46A6-A18A-2A970D587C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "851E1B4E-40C4-4639-8FC6-C9DEC6FB2744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C24518B-D2D5-471A-BB19-B839792607D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D93FA53-ADC0-4031-B693-84111E1EEDC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B3E4490-6DD8-44BE-A681-105F526AE6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E02F54C2-C551-4FC4-A6FF-737CFD465D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77C98C47-688B-404B-A6CD-96AD5C0FD7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2y\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D20DDF8-145B-443D-8D92-404F574929F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E5FED85-FDCD-44BE-9C38-53F6EF6212EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED4C8DC0-0DBF-410E-ABC7-53CD5AD04EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6AA776A7-40B3-4104-8F55-1B905D36653A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DBAC49A1-91FC-4D55-BD74-42C918CCFDC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4142F873-0492-4ACC-88F9-3A243128D0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAEFC7FE-718E-4544-A86B-3243C2C14EDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30A500F4-1899-4F96-98E3-9330146A7963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE52C974-3930-4AC9-907B-8E6B325D6A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FAD07DE9-5C98-4A63-A741-8E69E9F125D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D1D8118-6E39-44B5-ABD7-B7ED3A80766D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A35B6DA-BF07-4579-8D6A-65CD8E052482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF0B3DB8-8121-4FDC-8A11-42AB619101EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70830AB5-C86B-4726-A982-6F104910153E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0904B27-2FA3-4B8D-9706-98B0376B5FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1D86994-83EE-4D09-B79A-70CB22C077C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "654694A7-394C-4843-9197-91FC00445E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1798EAC2-026C-4757-860F-D7417A2BA881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD83DA54-DF65-4837-90AD-837F75412E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00953B63-7DBB-4A67-B41D-321C2ECDE79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9388C2C-75F4-487F-A7D8-4E17FD39A166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80B54786-DA2A-4E2D-9835-6A7939931928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7688EC58-4647-4A08-9E86-A71EA7C41B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E7DA901-990A-4388-9B72-943E77269B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5AD2254-158D-4BEE-B36C-242813F4BA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4480D800-595F-44CB-85ED-7E17A34A5BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD015889-3893-4781-B18D-6125A9B6CE39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89541F84-0C10-4757-8D25-80FC4464EC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "371AEAF3-39CA-4837-BA5A-D80826933C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C474B035-BFDC-4617-9285-D10C970342A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9D9DD45-8C38-4753-9168-0E5BF96146DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "259F3DCA-D218-4CF1-9CB4-23ECB070719F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C55F18EF-F751-400F-88DD-76ADD2B60BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D0444-6A5E-4252-B761-28FEFAEE8BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "578691EB-19D3-4B75-9783-B6D4F0FE1CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C89EAEB-1944-4082-B1AF-CEAC39BE762A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD8BA29C-7F6E-492A-8EB1-A2D6391C5120",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of available buffers, impairing operations of control plane and management plane protocols and resulting in a DoS condition. Manual intervention would be required to restore normal operations on the affected device. For more information about the impact of this vulnerability, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la pila de red del software Cisco NX-OS podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad se presenta porque el software libera recursos inapropiadamente cuando procesa determinados paquetes IPv6 que est\u00e1n destinados a un dispositivo afectado.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de varios paquetes IPv6 dise\u00f1ados a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda hacer que la pila de la red se quede sin b\u00faferes disponibles, lo que afectar\u00eda las operaciones del plano de control y los protocolos del plano de gesti\u00f3n y provocar\u00eda una condici\u00f3n DoS.\u0026#xa0;Se necesitar\u00eda una intervenci\u00f3n manual para restaurar las operaciones normales en el dispositivo afectado.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n sobre el impacto de esta vulnerabilidad, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1387",
"lastModified": "2024-11-21T05:44:14.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:13.567",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-03 15:29
Modified
2024-11-21 04:36
Severity ?
Summary
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerability occurs because the affected software does not properly validate user-supplied input. An attacker could exploit this vulnerability by issuing certain commands with filtered query results on the device. This action may cause returned messages to display confidential system information. A successful exploit could allow the attacker to read sensitive information on the device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 8.3\(0\)sk\(0.39\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9508 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(0\\)sk\\(0.39\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39E9A017-225B-4FCB-A5AA-8CEA1435A1AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerability occurs because the affected software does not properly validate user-supplied input. An attacker could exploit this vulnerability by issuing certain commands with filtered query results on the device. This action may cause returned messages to display confidential system information. A successful exploit could allow the attacker to read sensitive information on the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en los Nexus 9000 Series Fabric de Cisco en modo Application Centric Infrastructure (ACI), podr\u00eda permitir que un atacante remoto identificado acceda a informaci\u00f3n confidencial. La vulnerabilidad se produce porque el software afectado no comprueba correctamente la entrada suministrada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad al emitir ciertos comandos con resultados de petici\u00f3n filtrados en el dispositivo. Esta acci\u00f3n puede causar que los mensajes devueltos muestren informaci\u00f3n confidencial del sistema. Una operaci\u00f3n \u00e9xito podr\u00eda permitirle al atacante leer informaci\u00f3n confidencial en el dispositivo."
}
],
"id": "CVE-2019-1587",
"lastModified": "2024-11-21T04:36:51.910",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-03T15:29:00.430",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-filter-query"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-filter-query"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2024-11-21 07:40
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D4C90C63-E006-4101-A737-429B28A5ABD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0235897B-D881-4C22-AEC5-6B0D8552B47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77B4432C-D3C1-45DA-8E2B-1282A98D4D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2846A6-62B3-4035-968C-AA73FFA1EA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6DC1C38-8134-4548-9685-03664699B273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C46E10DB-6CA8-460F-9C6D-48684BDCCEA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D027C394-ED7D-4302-92B1-F9A2F60C8568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(3g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3914D468-662E-4F82-910F-67800189462E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(4d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6502FEA6-A959-48F3-84E7-6E2180D23956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1336D0EA-F391-411D-B140-040E805DF3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(4f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "60BC734F-D9DB-42B9-82C4-4A23C2A3C14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(5c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F9F5D422-54B8-47F2-96E6-A820E27658DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(5d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2BBBEDF-6869-4C99-A1D9-1AF53EFA82E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CBB9500B-84F9-4B35-95C6-26F57BE8145C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:16.0\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B68CD3E-700F-43D2-960C-C53A6EE241B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:16.0\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "743AED05-E2D7-4322-8814-C803F0BD6265",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required."
}
],
"id": "CVE-2023-20089",
"lastModified": "2024-11-21T07:40:31.967",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-23T20:15:13.557",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-789"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D19586BF-E7B0-4805-82C9-301648FC237F",
"versionEndExcluding": "2.6.1.187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A19CF844-DCAA-46DD-95FC-1BC200E7DE91",
"versionEndExcluding": "2.7.1.106",
"versionStartIncluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F",
"versionEndExcluding": "3.2\\(3n\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C79BC0D-B86C-452B-B6CA-F93E938B707F",
"versionEndExcluding": "4.0\\(4g\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "8CA8CB21-FCD6-43B6-A1F5-904A08351887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:vsphere:*:*",
"matchCriteriaId": "B8D38023-2A8F-4A26-AC91-9F76A248872D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E705638-8D0A-40D6-9A51-4FDB6C03F71E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "882D7344-E38B-4F44-8CDE-1CCA827F28BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF1257BF-D534-4899-937F-DCBD033A7D94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.140\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6AB0B748-003C-471F-A911-9DD3079FA250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.146\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ED46E9E-2851-4154-9862-E24EDB58AA9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(0.191\\):*:*:*:*:*:*:*",
"matchCriteriaId": "306FA9EB-4D35-456D-9EE3-DA1701E431CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(7.230\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F92C2920-1313-4141-B460-7FE50D092D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Cisco Discovery Protocol de Cisco FXOS Software y Cisco NX-OS Software, podr\u00eda permitir a un atacante adyacente no autenticado ejecutar c\u00f3digo arbitrario como root o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad se presenta debido a encabezados de paquetes de Cisco Discovery Protocol comprobados insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete de Cisco Discovery Protocol dise\u00f1ado para un dispositivo afectado adyacente de Capa 2. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un desbordamiento del b\u00fafer que podr\u00eda permitirle ejecutar c\u00f3digo arbitrario como root o causar una condici\u00f3n de DoS sobre el dispositivo afectado. Nota: Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe estar en el mismo dominio de difusi\u00f3n que el dispositivo afectado (Capa 2 adyacente). Nota: Esta vulnerabilidad es diferente de las siguientes vulnerabilidades de Cisco Discovery Protocol de Cisco FXOS and NX-OS Software que Cisco anunci\u00f3 el 5 de febrero de 2020: Vulnerabilidad de Denegaci\u00f3n de Servicio de Cisco Discovery Protocol de Cisco FXOS, IOS XR y NX-OS Software y Vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota de Cisco Discovery Protocol de Cisco NX-OS Software."
}
],
"id": "CVE-2020-3172",
"lastModified": "2024-11-21T05:30:28.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-26T17:15:13.343",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:43
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. An attacker could exploit this vulnerability by sending a sustained rate of crafted ICMPv6 packets to a local IPv6 address on a targeted device. A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device. As a result, the ICMPv6 process could run out of system memory and stop processing traffic. The device could then drop all ICMPv6 packets, causing traffic instability on the device. Restoring device functionality would require a device reboot.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A10E56A-7137-47B9-A4E1-3CE0CF59CFE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000_virtual_edge_for_vmware_vsphere:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81A5183A-5509-4179-946C-47967769FEA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v_switch_for_microsoft_hyper-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9825E54D-DA3D-4A1C-A962-8CB005A4DE50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v_switch_for_vmware_vsphere:-:*:*:*:*:*:*:*",
"matchCriteriaId": "111F9653-1C50-4ACC-ADB2-509DCD68A83B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(3.53\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD4101B4-5150-41A7-96BC-F5506C513B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.1\\(2.31\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3EFF4A24-B0A6-4702-9684-041F1A3E91A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. An attacker could exploit this vulnerability by sending a sustained rate of crafted ICMPv6 packets to a local IPv6 address on a targeted device. A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device. As a result, the ICMPv6 process could run out of system memory and stop processing traffic. The device could then drop all ICMPv6 packets, causing traffic instability on the device. Restoring device functionality would require a device reboot."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de ICMP versi\u00f3n 6 (ICMPv6) en el software Cisco NX-OS podr\u00eda permitir a un atacante remoto no autenticado causar una p\u00e9rdida lenta de memoria del sistema, que con el tiempo podr\u00eda conllevar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;Esta vulnerabilidad es debido a un manejo inapropiado de errores cuando una interfaz configurada con IPv6 recibe un tipo espec\u00edfico de paquete ICMPv6.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una tasa sostenida de paquetes ICMPv6 dise\u00f1ados a una direcci\u00f3n IPv6 local en un dispositivo de destino.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una p\u00e9rdida de memoria del sistema en el proceso ICMPv6 del dispositivo.\u0026#xa0;Como resultado, el proceso ICMPv6 podr\u00eda quedarse sin memoria del sistema y dejar de procesar el tr\u00e1fico.\u0026#xa0;El dispositivo podr\u00eda eliminar todos los paquetes ICMPv6, lo que provocar\u00eda inestabilidad del tr\u00e1fico en el dispositivo.\u0026#xa0;Restaurar la funcionalidad del dispositivo requerir\u00eda un reinicio del dispositivo"
}
],
"id": "CVE-2021-1229",
"lastModified": "2024-11-21T05:43:52.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:12.707",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-10 14:15
Modified
2024-12-20 17:40
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
References
Impacted products
{
"cisaActionDue": "2023-10-31",
"cisaExploitAdd": "2023-10-10",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5200E35-222B-42E0-83E0-5B702684D992",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BDC297-F023-4E87-8518-B84CCF9DD6A8",
"versionEndExcluding": "1.57.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D12D5257-7ED2-400F-9EF7-40E0D3650C2B",
"versionEndExcluding": "4.1.100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B058776-B5B7-4079-B0AF-23F40926DCEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6D565975-EFD9-467C-B6E3-1866A4EF17A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D487271-1B5E-4F16-B0CB-A7B8908935C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4A6F189-6C43-462D-85C9-B0EBDA8A4683",
"versionEndExcluding": "9.4.53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C993C920-85C0-4181-A95E-5D965A670738",
"versionEndExcluding": "10.0.17",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08E79A8E-E12C-498F-AF4F-1AAA7135661E",
"versionEndExcluding": "11.0.17",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F138D800-9A3B-4C76-8A3C-4793083A1517",
"versionEndExcluding": "12.0.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6341DDDA-AD27-4087-9D59-0A212F0037B4",
"versionEndExcluding": "2.7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328120E4-C031-44B4-9BE5-03B0CDAA066F",
"versionEndExcluding": "1.20.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A",
"versionEndExcluding": "1.21.3",
"versionStartIncluding": "1.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*",
"matchCriteriaId": "D7D2F801-6F65-4705-BCB9-D057EA54A707",
"versionEndExcluding": "0.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*",
"matchCriteriaId": "801F25DA-F38C-4452-8E90-235A3B1A5FF0",
"versionEndExcluding": "0.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D93F04AD-DF14-48AB-9F13-8B2E491CF42E",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7522C760-7E07-406F-BF50-5656D5723C4F",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7F605E-EB10-40FB-98D6-7E3A95E310BC",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "783E62F2-F867-48F1-B123-D1227C970674",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6603ED6A-3366-4572-AFCD-B3D4B1EC7606",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88978E38-81D3-4EFE-8525-A300B101FA69",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0510296F-92D7-4388-AE3A-0D9799C2FC4D",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7698D6C-B1F7-43C1-BBA6-88E956356B3D",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E452AA-A520-4CBE-8767-147772B69194",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "596FC5D5-7329-4E39-841E-CAE937C02219",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C7A168-F370-441E-8790-73014BCEC39F",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF16FD01-7704-40AB-ACB2-80A883804D22",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1769D69A-CB59-46B1-89B3-FB97DC6DEB9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9167FEC1-2C37-4946-9657-B4E69301FB24",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4B3442-E0C0-48CD-87AD-060E15C9801E",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA85EC1-D91A-49DD-949B-2AF7AC813CA5",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20662BB0-4C3D-4CF0-B068-3555C65DD06C",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "59203EBF-C52A-45A1-B8DF-00E17E3EFB51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EC2324D-EC8B-41DF-88A7-819E53AAD0FC",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B88F9D1-B54B-40C7-A18A-26C4A071D7EC",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F39403-C259-4D6F-9E9A-53671017EEDB",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220F2D38-FA82-45EF-B957-7678C9FEDBC1",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C698C1C-A3DD-46E2-B05A-12F2604E7F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "922AA845-530A-4B4B-9976-4CBC30C8A324",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F938EB43-8373-47EB-B269-C6DF058A9244",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1771493E-ACAA-477F-8AB4-25DB12F6AD6E",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87670A74-34FE-45DF-A725-25B804C845B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E422F6-C4C2-43AC-B137-0997B5739030",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3F710F-DBCB-4976-9719-CF063DA22377",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88EDFCD9-775C-48FA-9CDA-2B04DA8D0612",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67DB21AE-DF53-442D-B492-C4ED9A20B105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9FCBCB-9CE0-49E7-85C8-69E71D211912",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "112DFA85-90AD-478D-BD70-8C7C0C074F1B",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB704A1C-D8B7-48BB-A15A-C14DB591FE4A",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21D51D9F-2840-4DEA-A007-D20111A1745C",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC1D037-74D2-4F92-89AD-C90F6CBF440B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEF3EA4-7D5A-4B44-9CE3-258AEC745866",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBCE2D1-9D93-415D-AB2C-2060307C305A",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8070B469-8CC4-4D2F-97D7-12D0ABB963C1",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A326597E-725D-45DE-BEF7-2ED92137B253",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B235A78-649B-46C5-B24B-AB485A884654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08B25AAB-A98C-4F89-9131-29E3A8C0ED23",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98D2CE1E-DED0-470A-AA78-C78EF769C38E",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C966FABA-7199-4F0D-AB8C-4590FE9D2FFF",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84D00768-E71B-4FF7-A7BF-F2C8CFBC900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC36311E-BB00-4750-85C8-51F5A2604F07",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A65D357E-4B40-42EC-9AAA-2B6CEF78C401",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBD10E8-6054-408F-9687-B9BF6375CA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6018B01-048C-43BB-A78D-66910ED60CA9",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A6A5686-5A8B-45D5-9165-BC99D2CCAC47",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D2A121F-5BD2-4263-8ED3-1DDE25B5C306",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83794B04-87E2-4CA9-81F5-BB820D0F5395",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC2237-117F-43BD-ADEC-516CF72E04EF",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D4B6F-65CF-48F4-9A07-072DFBCE53D9",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29563719-1AF2-4BB8-8CCA-A0869F87795D",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D24815DD-579A-46D1-B9F2-3BB2C56BC54D",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6E7035-3299-474F-8F67-945EA9A059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0360F76D-E75E-4B05-A294-B47012323ED9",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4607BF-41AC-4E84-A110-74E085FF0445",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "441CC945-7CA3-49C0-AE10-94725301E31D",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46BA8E8A-6ED5-4FB2-8BBC-586AA031085A",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "969C4F14-F6D6-46D6-B348-FC1463877680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41AD5040-1250-45F5-AB63-63F333D49BCC",
"versionEndIncluding": "1.8.2",
"versionStartIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8257AA59-C14D-4EC1-B22C-DFBB92CBC297",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37DB32BB-F4BA-4FB5-94B1-55C3F06749CF",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF5007E-761C-4697-8D34-C064DF0ABE8D",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "910441D3-90EF-4375-B007-D51120A60AB2",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "667EB77B-DA13-4BA4-9371-EE3F3A109F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A6F9699-A485-4614-8F38-5A556D31617E",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A90F547-97A2-41EC-9FDF-25F869F0FA38",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E76E1B82-F1DC-4366-B388-DBDF16C586A0",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "660137F4-15A1-42D1-BBAC-99A1D5BB398B",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C446827A-1F71-4FAD-9422-580642D26AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1932D32D-0E4B-4BBD-816F-6D47AB2E2F04",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D47B7691-A95B-45C0-BAB4-27E047F3C379",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD1637D-0E42-4928-867A-BA0FDB6E8462",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A599F90-F66B-4DF0-AD7D-D234F328BD59",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1B2000-C3FE-4B4C-885A-A5076EB164E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A",
"versionEndIncluding": "13.1.5",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57D92D05-C67D-437E-88F3-DCC3F6B0ED2F",
"versionEndIncluding": "14.1.5",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECCB8C30-861E-4E48-A5F5-30EE523C1FB6",
"versionEndIncluding": "15.1.10",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F",
"versionEndIncluding": "16.1.4",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB23AE6-245E-43D6-B832-933F8259F937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1188B4A9-2684-413C-83D1-E91C75AE0FCF",
"versionEndIncluding": "1.25.2",
"versionStartIncluding": "1.9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3337609D-5291-4A52-BC6A-6A8D4E60EB20",
"versionEndIncluding": "2.4.2",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF0ABD9-EB28-4966-8C31-EED7AFBF1527",
"versionEndIncluding": "3.3.0",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F291CB34-47A4-425A-A200-087CC295AEC8",
"versionEndExcluding": "r29",
"versionStartIncluding": "r25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*",
"matchCriteriaId": "5892B558-EC3A-43FF-A1D5-B2D9F70796F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
"matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B",
"versionEndIncluding": "8.5.93",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34",
"versionEndIncluding": "9.0.80",
"versionStartIncluding": "9.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0765CC3D-AB1A-4147-8900-EF4C105321F2",
"versionEndIncluding": "10.1.13",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*",
"matchCriteriaId": "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*",
"matchCriteriaId": "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "2AAD52CE-94F5-4F98-A027-9A7E68818CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*",
"matchCriteriaId": "03A171AF-2EC8-4422-912C-547CDB58CAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*",
"matchCriteriaId": "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*",
"matchCriteriaId": "49350A6E-5E1D-45B2-A874-3B8601B3ADCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*",
"matchCriteriaId": "5F50942F-DF54-46C0-8371-9A476DD3EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*",
"matchCriteriaId": "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*",
"matchCriteriaId": "98792138-DD56-42DF-9612-3BDC65EEC117",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*",
"matchCriteriaId": "08190072-3880-4EF5-B642-BA053090D95B",
"versionEndExcluding": "1.28.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
"matchCriteriaId": "5F4CDEA9-CB47-4881-B096-DA896E2364F3",
"versionEndExcluding": "1.56.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*",
"matchCriteriaId": "E65AF7BC-7DAE-408A-8485-FBED22815F75",
"versionEndIncluding": "1.59.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
"matchCriteriaId": "DD868DDF-C889-4F36-B5E6-68B6D9EA48CC",
"versionEndExcluding": "1.58.3",
"versionStartIncluding": "1.58.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*",
"matchCriteriaId": "FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4496821E-BD55-4F31-AD9C-A3D66CBBD6BD",
"versionEndExcluding": "6.0.23",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF7ECF6-178D-433C-AA21-BAE9EF248F37",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3418F4-B8BF-4666-BB39-C188AB01F45C",
"versionEndExcluding": "6.0.23",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314",
"versionEndExcluding": "2023-10-08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16A8F269-E07E-402F-BFD5-60F3988A5EAF",
"versionEndExcluding": "17.2.20",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8",
"versionEndExcluding": "17.4.12",
"versionStartIncluding": "17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5834D4-F52F-41C0-AA11-C974FFEEA063",
"versionEndExcluding": "17.6.8",
"versionStartIncluding": "17.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2166106F-ACD6-4C7B-B0CC-977B83CC5F73",
"versionEndExcluding": "17.7.5",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F",
"versionEndExcluding": "10.0.14393.6351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1",
"versionEndExcluding": "10.0.14393.6351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3",
"versionEndExcluding": "10.0.17763.4974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F9A643-90C6-489C-98A0-D2739CE72F86",
"versionEndExcluding": "10.0.19044.3570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC",
"versionEndExcluding": "10.0.19045.3570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63",
"versionEndExcluding": "10.0.22000.2538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B",
"versionEndExcluding": "10.0.22621.2428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "C61F0294-5C7E-4DB2-8905-B85D0782F35F",
"versionEndExcluding": "18.18.2",
"versionStartIncluding": "18.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69843DE4-4721-4F0A-A9B7-0F6DF5AAA388",
"versionEndExcluding": "20.8.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25279EF-C406-4133-99ED-0492703E0A4E",
"versionEndExcluding": "2023-10-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5",
"versionEndExcluding": "2023-10-10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C",
"versionEndExcluding": "2023.10.16.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEB508E-0EBD-4450-9074-983DDF568AB4",
"versionEndExcluding": "3.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93A1A748-6C71-4191-8A16-A93E94E2CDE4",
"versionEndExcluding": "8.1.9",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A",
"versionEndExcluding": "9.2.3",
"versionStartIncluding": "9.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F70360D-6214-46BA-AF82-6AB01E13E4E9",
"versionEndExcluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2DA759E-1AF8-49D3-A3FC-1B426C13CA82",
"versionEndExcluding": "4.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF",
"versionEndExcluding": "1.17.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C8E760-C8D2-483A-BBD4-6A6D292A3874",
"versionEndExcluding": "1.18.3",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7",
"versionEndExcluding": "1.19.1",
"versionStartIncluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*",
"matchCriteriaId": "050AE218-3871-44D6-94DA-12D84C2093CB",
"versionEndExcluding": "2023-10-10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B36BFFB0-C0EC-4926-A1DB-0B711C846A68",
"versionEndExcluding": "2.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "376EAF9B-E994-4268-9704-0A45EA30270F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "F3D08335-C291-4623-B80C-3B14C4D1FA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21033CEE-CEF5-4B0D-A565-4A6FC764AA6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*",
"matchCriteriaId": "FC4C66B1-42C0-495D-AE63-2889DE0BED84",
"versionEndExcluding": "2023-10-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*",
"matchCriteriaId": "8633E263-F066-4DD8-A734-90207207A873",
"versionEndIncluding": "2.12.5",
"versionStartIncluding": "2.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*",
"matchCriteriaId": "34A23BD9-A0F4-4D85-8011-EAC93C29B4E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*",
"matchCriteriaId": "27ED3533-A795-422F-B923-68BE071DC00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*",
"matchCriteriaId": "45F7E352-3208-4188-A5B1-906E00DF9896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*",
"matchCriteriaId": "DF89A8AD-66FE-439A-B732-CAAB304D765B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A400C637-AF18-4BEE-B57C-145261B65DEC",
"versionEndExcluding": "1.26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "653A5B08-0D02-4362-A8B1-D00B24C6C6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FD736A-8730-446A-BA3A-7B608DB62B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C504B6-3902-46E2-82B7-48AEC9CDD48D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4BE2D6-43C3-4065-A213-5DB1325DC78F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D54F5AE-61EC-4434-9D5F-9394A3979894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E37E1B3-6F68-4502-85D6-68333643BDFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5A7736-A403-4617-8790-18E46CB74DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33F13B03-69BF-4A8B-A0A0-7F47FD857461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9393119E-F018-463F-9548-60436F104195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC45EE1E-2365-42D4-9D55-92FA24E5ED3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E567CD9F-5A43-4D25-B911-B5D0440698F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D6790-63E5-4043-B8BE-B489D649061D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78698F40-0777-4990-822D-02E1B5D0E2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B87C8AD3-8878-4546-86C2-BF411876648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF03BDE8-602D-4DEE-BA5B-5B20FDF47741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*",
"matchCriteriaId": "A58966CB-36AF-4E64-AB39-BE3A0753E155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*",
"matchCriteriaId": "585BC540-073B-425B-B664-5EA4C00AFED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B453CF7-9AA6-4B94-A003-BF7AE0B82F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A54BDA-311C-413B-8E4D-388AD65A170A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A305F012-544E-4245-9D69-1C8CD37748B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B40CCE4F-EA2C-453D-BB76-6388767E5C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF93A27E-AA2B-4C2E-9B8D-FE7267847326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B12A3A8-6456-481A-A0C9-524543FCC149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E22EBF9-AA0D-4712-9D69-DD97679CE835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*",
"matchCriteriaId": "941B114C-FBD7-42FF-B1D8-4EA30E99102C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "339CFB34-A795-49F9-BF6D-A00F3A1A4F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D044DBE-6F5A-4C53-828E-7B1A570CACFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*",
"matchCriteriaId": "65203CA1-5225-4E55-A187-6454C091F532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF8EFFB-5686-4F28-A68F-1A8854E098CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA9B2E2-958B-478D-87D6-E5CDDCD44315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97321212-0E07-4CC2-A917-7B5F61AB9A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF390236-3259-4C8F-891C-62ACC4386CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AAA300-691A-4957-8B69-F6888CC971B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45937289-2D64-47CB-A750-5B4F0D4664A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B129311C-EB4B-4041-B85C-44D5E53FCAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1AB54DB-3FB4-41CB-88ED-1400FD22AB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77675CB7-67D7-44E9-B7FF-D224B3341AA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*",
"matchCriteriaId": "9C877879-B84B-471C-80CF-0656521CA8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E315FC5C-FF19-43C9-A58A-CF2A5FF13824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20A6B40D-F991-4712-8E30-5FE008505CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1987BDA-0113-4603-B9BE-76647EB043F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "848C92A9-0677-442B-8D52-A448F2019903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F564701-EDC1-43CF-BB9F-287D6992C6CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12B0CF2B-D1E1-4E20-846E-6F0D873499A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8885C2C-7FB8-40CA-BCB9-B48C50BF2499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A903C3AD-2D25-45B5-BF4A-A5BEB2286627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5EBD2A-32A3-46D5-B155-B44DCB7F6902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2792650-851F-4820-B003-06A4BEA092D7",
"versionEndExcluding": "10.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "9F6B63B9-F4C9-4A3F-9310-E0918E1070D1",
"versionEndExcluding": "3.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "E6FF5F80-A991-43D4-B49F-D843E2BC5798",
"versionEndIncluding": "2.414.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
"matchCriteriaId": "54D25DA9-12D0-4F14-83E6-C69D0293AAB9",
"versionEndIncluding": "2.427",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1AFFB9-C717-4727-B0C9-5A0C281710E2",
"versionEndExcluding": "9.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25C85001-E0AB-4B01-8EE7-1D9C77CD956E",
"versionEndExcluding": "1.21.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F98F9D27-6659-413F-8F29-4FDB0882AAC5",
"versionEndExcluding": "11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C98BF315-C563-47C2-BAD1-63347A3D1008",
"versionEndExcluding": "4.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "705CBA49-21C9-4400-B7B9-71CDF9F97D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2BE0F1-DD16-4876-8EBA-F187BD38B159",
"versionEndExcluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "796B6C58-2140-4105-A2A1-69865A194A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA99DC6-EA03-469F-A8BE-7F96FDF0B333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6560DBF4-AFE6-4672-95DE-74A0B8F4170A",
"versionEndExcluding": "x14.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84785919-796D-41E5-B652-6B5765C81D4A",
"versionEndExcluding": "7.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E",
"versionEndExcluding": "4.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD",
"versionEndExcluding": "9.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE2F959-1084-48D1-B1F1-8182FC9862DD",
"versionEndExcluding": "7.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F",
"versionEndExcluding": "3.10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB6B48E-EA36-40A0-96D0-AF909BEC1147",
"versionEndExcluding": "11.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBED844-7F94-498C-836D-8593381A9657",
"versionEndExcluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510",
"versionEndExcluding": "2.19.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "358FA1DC-63D3-49F6-AC07-9E277DD0D9DA",
"versionEndExcluding": "x14.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF2D182-7599-4B81-B56B-F44EDA1384C0",
"versionEndExcluding": "2024.01.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4868BCCA-24DE-4F24-A8AF-B3A545C0396E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*",
"matchCriteriaId": "194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A",
"versionEndExcluding": "2024.02.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC75F99-C7F0-47EB-9032-C9D3A42EBA20",
"versionEndExcluding": "2024.02.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6638F4E-16F7-447D-B755-52640BCB1C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC34F742-530E-4AB4-8AFC-D1E088E256B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E22AD683-345B-4E16-BB9E-E9B1783E09AD",
"versionEndExcluding": "12.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2955BEE9-F567-4006-B96D-92E10FF84DB4",
"versionEndExcluding": "1.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67502878-DB20-4410-ABA0-A1C5705064CD",
"versionEndExcluding": "17.15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "177DED2D-8089-4494-BDD9-7F84FC06CD5B",
"versionEndExcluding": "7.11.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54A29FD3-4128-4333-8445-A7DD04A6ECF6",
"versionEndExcluding": "15.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67074526-9933-46B3-9FE3-A0BE73C5E8A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9",
"versionEndExcluding": "10.2\\(7\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88",
"versionEndExcluding": "10.3\\(5\\)",
"versionStartIncluding": "10.3\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C84D24C-2256-42AF-898A-221EBE9FE1E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9",
"versionEndExcluding": "10.2\\(7\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88",
"versionEndExcluding": "10.3\\(5\\)",
"versionStartIncluding": "10.3\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F59A4B-AE92-4533-8EDC-D1DD850309FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492A2C86-DD38-466B-9965-77629A73814F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB7AA46-4018-4925-963E-719E1037F759",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07B5399-44C7-468D-9D57-BB5B5E26CE50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E128053-834B-4DD5-A517-D14B4FC2B56F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "163743A1-09E7-4EC5-8ECA-79E4B9CE173B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C367BBE0-D71F-4CB5-B50E-72B033E73FE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E1D224-4751-4233-A127-A041068C804A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD31B075-01B1-429E-83F4-B999356A0EB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
},
{
"lang": "es",
"value": "El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023."
}
],
"id": "CVE-2023-44487",
"lastModified": "2024-12-20T17:40:52.067",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-10-10T14:15:10.883",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Release Notes"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Vendor Advisory"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Vendor Advisory"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Vendor Advisory"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Press/Media Coverage"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-25 20:15
Modified
2024-11-21 05:44
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Operation, Administration, and Maintenance (OAM) de VXLAN del Software Cisco NX-OS, conocida como NGOAM, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido al manejo inapropiado de paquetes espec\u00edficos con un EtherType OAM de Interconexi\u00f3n Transparente de Lotes de Enlaces (TRILL). Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes dise\u00f1ados, incluyendo el TRILL OAM EtherType de 0x8902, a un dispositivo que forma parte de un tejido VXLAN Ethernet VPN (EVPN). Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que un dispositivo afectado experimente un alto uso de la CPU y consuma excesivos recursos del sistema, lo que puede resultar en una inestabilidad general del plano de control y causar que el dispositivo afectado se recargue. Nota: La funci\u00f3n NGOAM est\u00e1 deshabilitada por defecto."
}
],
"id": "CVE-2021-1587",
"lastModified": "2024-11-21T05:44:41.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-25T20:15:11.417",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-115"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EA5BD6-6270-4A46-A6BB-E516ECD7441F",
"versionEndExcluding": "4.0\\(4h\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el Data Management Engine (DME) de Cisco NX-OS Software, podr\u00eda permitir a un atacante adyacente no autenticado ejecutar c\u00f3digo arbitrario con privilegios administrativos o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de entrada . Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete de Cisco Discovery Protocol dise\u00f1ado hacia un dispositivo afectado adyacente a la Capa 2. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios administrativos o causar que el proceso Cisco Discovery Protocol se bloquee y se reinicie varias veces, causando que el dispositivo afectado se recargue y resulte en una condici\u00f3n DoS. Nota: El Cisco Discovery Protocol es un protocolo de capa 2. Para explotar esta vulnerabilidad, un atacante debe estar en el mismo dominio de transmisi\u00f3n que el dispositivo afectado (adyacente a Capa 2). La explotaci\u00f3n de esta vulnerabilidad tambi\u00e9n requiere que las tramas jumbo sean habilitadas en la interfaz que recibe los paquetes Cisco Discovery Protocol dise\u00f1ados en el dispositivo afectado"
}
],
"id": "CVE-2020-3415",
"lastModified": "2024-11-21T05:30:59.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:12.317",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-23 19:15
Modified
2024-11-21 07:40
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device.
This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.
There are workarounds that address this vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EB58108-78E4-4208-A549-C86B37422828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E2484E7-24ED-4238-8ED3-FFFB7C479F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20FF2A5A-CB80-4F58-856D-724AACB0864C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97A62E0-8A96-43A3-8FB1-FDC1B8A08049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A2F42DB-B22B-4880-BA73-D0E0295190DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C8A71DEB-93CD-4827-9F9E-3A0DFFAD145A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E1A56DB8-CDDD-4AB8-8694-B6CC967B7F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B448FDB-C2F5-454F-A275-E985C3FCDBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEE47A7-B23A-4C9A-A25C-0983D94FB569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "350F10D8-221B-4A47-8BF6-CCC421878243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7B192CE-F0B4-415F-9A33-B639A7B56ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A1D6DFF-D8CC-4912-BFE6-8454AB95AD7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6C6D9CC-211B-4CAA-B2AB-16DE5A34E21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2DB904E-9FAF-4A23-82E9-367BDBFC57D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5736375-4050-40A5-A504-688B182C9A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "54AB751B-77DE-4513-B961-378458F74164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63AB92C1-D2F7-4025-88B6-EFA1D3C07F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "305A6637-16EA-4A66-A044-19BE643D6CA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69C445A7-B836-493D-8056-86D4F31847EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C3018A70-3236-4885-8EB1-708442F74981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F69EF43C-0F06-40B8-94AE-870E182E26CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE0E36D-08A6-48D5-A364-AC066F30F3CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. \r\n\r This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.\r\n\r There are workarounds that address this vulnerability."
}
],
"id": "CVE-2023-20115",
"lastModified": "2024-11-21T07:40:35.413",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-23T19:15:07.587",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-671"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 7.0\(3\)i5\(2\) | |
| cisco | nx-os | 7.0\(3\)i6\(1\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3132q-xl | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3172pq-xl | - | |
| cisco | nexus_3172tq | - | |
| cisco | nexus_3172tq-32t | - | |
| cisco | nexus_3172tq-xl | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_9000v | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00953B63-7DBB-4A67-B41D-321C2ECDE79A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de un comando espec\u00edfico de la interfaz de l\u00ednea de comandos y el MIB SNMP (Simple Network Management Protocol) asociado para Cisco NX-OS (en modo NX-OS independiente) en los switches Cisco Nexus 3000 y 9000 Series podr\u00eda permitir que un atacante remoto autenticado agote la memoria del sistema en un dispositivo afectado, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a la implementaci\u00f3n incorrecta del comando CLI, lo que resulta en un error a la hora de liberar toda la memoria asignada tras la finalizaci\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el dispositivo afectado y enviando repetidamente un comando CLI espec\u00edfico o enviando una petici\u00f3n de sondeo SNMP concreta para un OID (Object Identifier) determinado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante consiga que el proceso de enrutamiento de IP se reinicie o que se restablezca el dispositivo, provocando una denegaci\u00f3n de servicio (DoS). Cisco Bug IDs: CSCvf23136."
}
],
"id": "CVE-2018-0309",
"lastModified": "2024-11-21T03:37:56.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:00.570",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C83E090-7C99-465A-A477-C2949B137720",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B17D00-490A-42CE-9DBB-EF8D30264546",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9388C2C-75F4-487F-A7D8-4E17FD39A166",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5BBD7E-7638-4725-B01E-37B0056521EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6A29A1-C498-4F98-81B6-F920AB038507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0F8DD-8150-45EB-8C0E-636C11C258A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8717918-2908-470C-BD41-6B466AF539F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572DBF51-E334-444B-B548-2539740E1D0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D3949-D212-4212-A651-07A631964448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2291E9C8-3816-49E6-843E-292686F5B6CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:3.1\\(3a\\)a:*:*:*:*:*:*:*",
"matchCriteriaId": "9EAE8F9F-A0D5-4CE1-9DF7-5EFB36A45B5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.9\\(0.902\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A6984CB-EF97-4CDD-B4CF-D460908C69A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0246716-64E9-4CCA-9546-A3A40D375E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5581E60-8144-4630-9545-8DC0B7AD44A1",
"versionEndExcluding": "1.1.4.179",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA77B46-C30C-4427-9401-6500B6221ACE",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9BF568-45B6-4087-8DB3-B806159AE075",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5581E60-8144-4630-9545-8DC0B7AD44A1",
"versionEndExcluding": "1.1.4.179",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA77B46-C30C-4427-9401-6500B6221ACE",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9BF568-45B6-4087-8DB3-B806159AE075",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente Cisco Fabric Services del software FXOS y Cisco NX-OS podr\u00eda permitir que un atacante remoto no autenticado obtenga informaci\u00f3n sensible de la memoria o cree una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no valida suficientemente los valores de las cabeceras de paquetes Cisco Fabric Services. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete Cisco Fabric Services manipulado a un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque una sobrelectura de b\u00fafer que le permitir\u00eda obtener informaci\u00f3n sensible de la memoria o provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el dispositivo afectado. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559."
}
],
"id": "CVE-2018-0310",
"lastModified": "2024-11-21T03:37:57.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:00.617",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker, authenticated as a privileged user, to execute arbitrary commands with root privileges. Note: On products that support multiple virtual device contexts (VDC), this vulnerability could allow an attacker to access files from any VDC. This vulnerability affects Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51704, CSCve91749, CSCve91768.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6004E45-878B-4034-AD67-8D2CCB01E9B6",
"versionEndExcluding": "8.1\\(2\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker, authenticated as a privileged user, to execute arbitrary commands with root privileges. Note: On products that support multiple virtual device contexts (VDC), this vulnerability could allow an attacker to access files from any VDC. This vulnerability affects Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve51704, CSCve91749, CSCve91768."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos del software NX-OS podr\u00eda permitir que un atacante local autenticado realice un ataque de inyecci\u00f3n de comandos en un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de algunos argumentos de comandos. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando argumentos de comando maliciosos en una comando de interfaz de l\u00ednea de comandos vulnerable. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante, autenticado como usuario con privilegios, ejecute comandos arbitrarios con privilegios root. Nota: en productos que soportan m\u00faltiples contextos de dispositivos virtuales (VDC), esta vulnerabilidad podr\u00eda permitir que un atacante acceda a archivos desde cualquier VDC. Esta vulnerabilidad afecta a Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente y los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series. Cisco Bug IDs: CSCve51704, CSCve91749, CSCve91768."
}
],
"id": "CVE-2018-0307",
"lastModified": "2024-11-21T03:37:56.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.577",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A21987E-AE24-4C2C-894A-FFF7CC0CA73B",
"versionEndExcluding": "2.2.2.148",
"versionStartIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3779F159-04B8-40D7-98D0-B1B68AE02C31",
"versionEndExcluding": "2.3.1.216",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F839DB11-1E63-4727-8AB0-ED0B5D6BC38A",
"versionEndExcluding": "2.4.1.273",
"versionStartIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "440AAA0A-FEF8-4E40-95EC-59F37A63091D",
"versionEndExcluding": "2.6.1.224",
"versionStartIncluding": "2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08C690B6-DE7E-417F-883A-3A3AE51F0710",
"versionEndExcluding": "2.7.1.143",
"versionStartIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88F98150-EB80-41BB-9B80-520124E3FD9A",
"versionEndExcluding": "2.8.1.143",
"versionStartIncluding": "2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E8B9E7-1023-4A0C-BC8C-C45F956B20BA",
"versionEndExcluding": "2.9.1.135",
"versionStartIncluding": "2.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18048A84-BA0F-48EF-AFFB-635FF7F70C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317DF3DD-C7CD-4CA2-804F-A738E048BEB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C13CF29B-9308-452B-B7E0-9E818B5A6C1E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB527C2-855E-4BB9-BCA7-94BE86100D44",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E82C1B05-990D-49D2-B80A-C3EDD4082840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "421D91C3-8AB3-45E1-9E55-13ED1A4A623E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D741945-8B0A-408D-A5FE-D5B38DC6D46A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9308CA67-E949-4338-A890-22B3C4428D70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C6CC11-470A-47A4-AAF5-D5580FB78562",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4A2B35-5106-4F43-835A-7F97D2324373",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F7F452-9294-4445-A344-1A76B277C45D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA604D8-76C0-40B9-8675-02BEEA18E432",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82542890-87E9-4C92-9B20-7CC668B4E5E1",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8583BD-4586-4AB0-9C7A-BC14385AACE8",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "657840E3-B3E9-4218-A89D-F27D8DC269C6",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B36972DF-1BEB-48EB-9C79-725AA493F87C",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08D3FFC7-2C86-4162-B1E8-C9FF39F4465B",
"versionEndIncluding": "8.4\\(3.115\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F762E87A-BF80-4D33-ADDA-84369E068005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E6B85A-3988-4EC5-B788-9664772CE64E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36145717-6348-466D-87B4-B1A19F17BA55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBDCF9-562C-44BA-B709-F91346F6F99F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276BD181-125C-48EC-984C-29BAE20C21F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596B885-5312-489B-BBDB-A5374E525DE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EC10DA-FE01-4BA3-B49F-B164F697D4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1655CC-9BD5-4BD5-B113-776E4335D556",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA6F9ED-50A1-4D61-BC83-438585646856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04E18F69-07F4-4BEA-9867-B79351687D32",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC79F46-3416-4D95-A839-BA707A9E22E2",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4673FD6-3C58-41BA-AA7F-C26FE42ECBD4",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4328C1A9-F5B4-4D6B-8B2D-03BFC5310EDC",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC5D36F-834A-44EA-BCC8-A71BBA202A4F",
"versionEndIncluding": "7.0\\(3\\)i7\\(9\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E8456-A9BD-447B-8F33-4BEB052A82D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BC5903-1316-4FFF-BE52-2F6D63549590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4755F890-634B-4B25-AF08-C34F13429FA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24A634C9-C1DA-4D2D-BA5F-1EFC05756E5A",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA44694-9D36-4E97-83F7-A1FEAC6717AB",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6F83F0-AF30-453D-BB96-FE56A04C4971",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0EFE3A3-2469-445E-A325-BC3F1D72FCA6",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74A7DECE-B92C-471A-8A74-F1D5B5254A9B",
"versionEndIncluding": "7.3\\(8\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76CF6300-0292-4E53-B28D-865C2303BA51",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B79C2F-DAE9-4AD4-AFDA-DADD43E650AD",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "980DD4C4-A6C0-4D2D-BD09-21B62C4ADC71",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62C92804-B959-43E1-9133-C16E58921D9A",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248_up_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96AB2BB-4F4A-44C3-918F-DDB31B0D1FFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296_up_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82775AC1-173D-4335-B13A-6CF73C9C11D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104AB7AA-2AB6-40AB-9BCA-2041396060B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAF3163-4FF6-4BB0-8870-80D3F3F2953B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332_fabric_interconnect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB5291D-D248-4125-9129-BC655F082AD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17BAF9DA-E605-42D2-8DF9-A7211ADBEA74",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81771B6E-4D9D-470B-8072-50E9F1F654CD",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D87151-01B0-4069-861C-BBB57C493EB3",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7561ED7-D773-4A88-B145-EEC3F7A6269B",
"versionEndIncluding": "4.1\\(1a\\)a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F",
"versionEndIncluding": "3.2\\(3o\\)a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) de Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, y Cisco NX-OS Software podr\u00eda permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo afectado. Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de entrada de los paquetes UDLD. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes UDLD espec\u00edficamente dise\u00f1ados a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar la recarga del dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Nota: La funcionalidad UDLD est\u00e1 deshabilitada por defecto, y las condiciones para explotar esta vulnerabilidad son estrictas. Un atacante debe tener el control total de un dispositivo conectado directamente. En los dispositivos Cisco IOS XR, el impacto se limita a la recarga del proceso UDLD"
}
],
"id": "CVE-2021-34714",
"lastModified": "2024-11-21T06:11:01.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:18.153",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C83E090-7C99-465A-A477-C2949B137720",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B17D00-490A-42CE-9DBB-EF8D30264546",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9388C2C-75F4-487F-A7D8-4E17FD39A166",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5BBD7E-7638-4725-B01E-37B0056521EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6A29A1-C498-4F98-81B6-F920AB038507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0F8DD-8150-45EB-8C0E-636C11C258A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8717918-2908-470C-BD41-6B466AF539F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572DBF51-E334-444B-B548-2539740E1D0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D3949-D212-4212-A651-07A631964448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2291E9C8-3816-49E6-843E-292686F5B6CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8ABD8597-BDD8-4280-9743-63561B11A26A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:3.1\\(3a\\)a:*:*:*:*:*:*:*",
"matchCriteriaId": "9EAE8F9F-A0D5-4CE1-9DF7-5EFB36A45B5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0246716-64E9-4CCA-9546-A3A40D375E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5581E60-8144-4630-9545-8DC0B7AD44A1",
"versionEndExcluding": "1.1.4.179",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA77B46-C30C-4427-9401-6500B6221ACE",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9BF568-45B6-4087-8DB3-B806159AE075",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5581E60-8144-4630-9545-8DC0B7AD44A1",
"versionEndExcluding": "1.1.4.179",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA77B46-C30C-4427-9401-6500B6221ACE",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9BF568-45B6-4087-8DB3-B806159AE075",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente Cisco Discovery Protocol del software FXOS y Cisco NX-OS podr\u00eda permitir que un atacante adyacente no autenticado ejecute c\u00f3digo arbitrario como root o cree una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a las cabeceras de paquete Cisco Discovery Protocol insuficientemente validadas. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete Cisco Discovery Protocol a un dispositivo afectado adyacente en la capa 2. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque un desbordamiento de b\u00fafer que le permitir\u00eda ejecutar c\u00f3digo arbitrario como root o provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad afecta a los siguientes productos si est\u00e1n configurados para emplear Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI), Nexus 9000 Series Switches en modo NX-OS independiente, los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167."
}
],
"id": "CVE-2018-0303",
"lastModified": "2024-11-21T03:37:56.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:00.413",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB",
"versionEndExcluding": "4.0\\(1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0041E4-EBDC-465A-B593-E7C353EF0D8F",
"versionEndExcluding": "8.3\\(2\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F8E70D-012F-4465-AC5B-D31563BE219A",
"versionEndExcluding": "2.2.2.91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2C8263-BA5C-41D0-ABD9-42925B94BF84",
"versionEndExcluding": "2.3.1.130",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564D0A43-37E4-477A-8ADD-5D2FC8092142",
"versionEndExcluding": "2.4.1.222",
"versionStartIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios . Un atacante necesitar\u00eda credenciales de administrador para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1782",
"lastModified": "2024-11-21T04:37:22.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.463",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108407"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-25 21:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "844B2F51-6C6B-4B13-BDB2-95FB98323B04",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "6.0\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64A744-B207-4EAB-B395-1E477AE7E730",
"versionEndExcluding": "9.2\\(3\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A49B703F-71AC-4D71-B20B-B373A1F20F2D",
"versionEndExcluding": "9.2\\(3\\)",
"versionStartIncluding": "7.0\\(3\\)f",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B87F05E-6442-4B82-9B9C-3FDC98116A79",
"versionEndExcluding": "7.3\\(5\\)n1\\(1\\)",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E94ECC2-7203-41AB-8FDA-92807B9336B2",
"versionEndExcluding": "8.0\\(1\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en un comando CLI relacionado con el virtualization manager (VMAN) en el software Cisco NX-OS, podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios root. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los argumentos pasados a un comando espec\u00edfico de CLI de VMAN en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante la inclusi\u00f3n de entradas maliciosas como argumento de un comando afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios root, lo que puede conllevar a un compromiso total del sistema. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para explotar esta vulnerabilidad."
}
],
"id": "CVE-2019-12717",
"lastModified": "2024-11-21T04:23:25.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-25T21:15:11.937",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-28 01:59
Modified
2024-11-21 02:23
Severity ?
Summary
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.1\(2\) | |
| cisco | nx-os | 6.1\(3\) | |
| cisco | nx-os | 6.1\(4\) | |
| cisco | nx-os | 6.1\(4a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nexus_7000 | * | |
| cisco | nexus_7700 | * | |
| cisco | nx-os | 6.0\(2\)n1\(1\) | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nexus_5010 | * | |
| cisco | nexus_5020 | * | |
| cisco | nexus_5548p | * | |
| cisco | nexus_5548up | * | |
| cisco | nexus_5596t | * | |
| cisco | nexus_5596up | * | |
| cisco | nexus_56128p | * | |
| cisco | nexus_5624q | * | |
| cisco | nexus_5648q | * | |
| cisco | nexus_5672up | * | |
| cisco | nexus_5696q | * | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nexus_6001 | * | |
| cisco | nexus_6004 | * | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 11.0\(1b\) | |
| cisco | nx-os | 11.0\(1c\) | |
| cisco | nexus_93120tx | * | |
| cisco | nexus_93128tx | * | |
| cisco | nexus_9332pq | * | |
| cisco | nexus_9336pq_aci_spine | * | |
| cisco | nexus_9372px | * | |
| cisco | nexus_9372tx | * | |
| cisco | nexus_9396px | * | |
| cisco | nexus_9396tx | * | |
| cisco | nexus_9504 | * | |
| cisco | nexus_9508 | * | |
| cisco | nexus_9516 | * | |
| cisco | nx-os | 5.0\(3\)u3\(1\) | |
| cisco | nx-os | 5.0\(3\)u3\(2\) | |
| cisco | nx-os | 5.0\(3\)u3\(2a\) | |
| cisco | nx-os | 5.0\(3\)u3\(2b\) | |
| cisco | nx-os | 5.0\(3\)u4\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1a\) | |
| cisco | nx-os | 5.0\(3\)u5\(1b\) | |
| cisco | nx-os | 5.0\(3\)u5\(1c\) | |
| cisco | nx-os | 5.0\(3\)u5\(1d\) | |
| cisco | nx-os | 5.0\(3\)u5\(1e\) | |
| cisco | nx-os | 5.0\(3\)u5\(1f\) | |
| cisco | nx-os | 5.0\(3\)u5\(1g\) | |
| cisco | nx-os | 5.0\(3\)u5\(1h\) | |
| cisco | nx-os | 6.0\(2\)u1\(1\) | |
| cisco | nx-os | 6.0\(2\)u1\(1a\) | |
| cisco | nx-os | 6.0\(2\)u1\(2\) | |
| cisco | nx-os | 6.0\(2\)u1\(3\) | |
| cisco | nx-os | 6.0\(2\)u1\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nexus_3016 | * | |
| cisco | nexus_3048 | * | |
| cisco | nexus_3064 | * | |
| cisco | nexus_3132q | * | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | * | |
| cisco | nexus_3524 | * | |
| cisco | nexus_3548 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35E48EE6-C498-4E13-AC5E-28F6B4391725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3B41075-01D1-4832-A025-07A378F2A5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "858E4134-643C-422C-8441-5372F4BC25D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A12BFDB0-4B90-4EB6-9CBE-A7A33C57EA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2FDE8EF9-47CF-451D-9570-3D369D74D44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "55A760CE-5E63-4A6B-8DA3-A473BC3900E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E738E86-B75F-48BF-9E76-C7DD470F3688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68C6090F-0B05-46F0-8A67-928FE1C36D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FBD345BD-83EF-4913-A0F3-74E52AD76BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46B2B97B-DDB7-4208-BF1A-D10C8A075A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16DE0FB3-1DC2-4BA4-BD26-FF6E7C06EC11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE36822-4657-457A-B260-BEEE914B5057",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C871A419-B769-46B2-956E-467BBE94F290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EACF481-3E4B-4580-8AE7-3D49790E0715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5010EDAE-67BB-4E23-B0F5-10096A7DAB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84CF5114-731F-4BF4-83E0-9B095C34541C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4750621F-E7C5-4E6A-BC5F-232E75A454E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08F35A63-9343-47D6-AB91-37AB148137E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CADBDD1D-DA17-40EE-8B23-81E9991387DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A623F8E1-B97B-41DD-947F-7E1B65DD6902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C498AF62-0B67-4CBE-B635-2665B7B6AB5B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90564BCC-F093-4E48-8188-AB07B2F6A65D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E34A8EA1-170C-443B-8EE1-CBA6EB8B2465",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B657BB8-4E6D-41B0-870A-3E973D2642A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1637A625-07C8-45E5-8896-591635821C87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFECF84E-3826-4DCC-8F1B-7A6FAFD9F07F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD45884E-1573-48C2-98C0-3FC4A404CCD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D163F5E-F5E9-4553-BA68-E7B965423E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBB1AF7A-6FFA-4DB3-8CD9-324D0D15EBB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CBBD6CC-7EC0-4D49-BD27-436290398F9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD9B812-271E-4155-BAAD-DDC50808F014",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EACF481-3E4B-4580-8AE7-3D49790E0715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5010EDAE-67BB-4E23-B0F5-10096A7DAB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84CF5114-731F-4BF4-83E0-9B095C34541C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4750621F-E7C5-4E6A-BC5F-232E75A454E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08F35A63-9343-47D6-AB91-37AB148137E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CADBDD1D-DA17-40EE-8B23-81E9991387DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A623F8E1-B97B-41DD-947F-7E1B65DD6902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:*:*:*:*:*:*:*:*",
"matchCriteriaId": "991C8B44-CD6D-4A86-BEDC-EEE4DF1C33E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C7E0DD8-54BF-4C91-B163-288FEF443234",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BB0F49B-85C0-4C52-82E0-C2683D43B553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "384B7337-1C2F-479E-BB2B-F31320D82EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ED50316-7044-4757-9C51-5543BA5693A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1CB11917-C606-4025-A91A-596F7D47A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69B757AE-83C8-4194-9BAE-DBECA2021597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C64CC640-B37D-4064-8946-B8CCCDE1A6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8983275-20C6-487E-A265-3836F06AB226",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4191D5D-2DAE-42E8-9DF8-54BF94F6357F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22D2DC70-84C1-43B1-892F-CB42F97B4308",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F85E999E-B350-42DF-85C2-9AD9B95143BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6E98BF-2B00-4F94-9643-E136AAA51A15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:*:*:*:*:*:*:*:*",
"matchCriteriaId": "910E9554-5B27-4120-A2BA-6BC1DBD93B4A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DE2807-88F4-4830-8C66-FA2694040012",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A47B73-31E2-4A02-9AA8-6450501A3B03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42F184B8-36B2-47CA-97ED-8A50E8C55EAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:*:*:*:*:*:*:*:*",
"matchCriteriaId": "291ADF89-15B3-4405-A5A1-16DBCED41B5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB1F31A-0068-4A7F-8019-8CE7E792529D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:*:*:*:*:*:*:*:*",
"matchCriteriaId": "444564EE-97FA-41E1-801E-1C38B853D321",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "641D651A-B85B-4E9E-BE92-35AFAE8A63A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7810F6FD-F58F-4121-9D30-8C5E3E163EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09C38DCD-2A5F-4095-ABA4-02E95D93C358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "103A4C19-0E91-45FC-9AA2-F40215FCF63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F61C03B-D7AB-468A-B092-158730FB3E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F883AA8-CC44-4440-AB30-D7AC29C242F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7390B4D2-2121-4311-A798-337E8B777A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "924C6663-9EA0-4124-ACC6-0AFC649AEA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C559C83-FB34-4B1A-A6B3-1834D6CD022C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F422D53-4FF4-43FB-8F62-D53393A8C038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7CFFFE88-17EA-4515-BF71-C0AB82957B21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EF14E5C-B776-4A04-A5CC-853CFF2816B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E681A-F354-4093-84A9-5A357EAB1559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B627C66-CFE1-40B9-8264-392BB091EA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5BFA21F2-E2B2-49B6-9956-D6219D499F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52899164-992D-4736-B460-FDFB825DB7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8766DA4C-A25C-48D4-A6FC-2357200A9215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6C48105-F73E-40C9-8CD9-B46C5319FB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94F5B47A-023B-4415-8DB9-6829C5E72901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA600413-FC70-4776-99DF-180C96D4FD24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ECC9066F-3082-48A0-BA52-9ED9420EA47A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "78611E25-E33E-4C88-A681-97B5A2A01B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "780B04ED-412E-441F-8717-D8F9257F5699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD2AABBD-8680-4615-A4E2-B607CB1B0979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "693F444B-FA34-489C-BB45-E9185DE47816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13669043-3F12-4439-812F-6DE35F70B159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58A8BDE0-2F73-4E0C-B73A-918DB3352067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10BFAE68-01C5-4EF8-8B86-F470092E9034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D02FC11-EB21-45CD-A070-89C4862240BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C67AE59-380A-402B-9B2A-F595E001637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C71ED401-6786-4AAE-A98F-BE4732256A7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE8BF90-B19C-4EA7-ACF8-37AEF624C1EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7918D88F-AF51-42B1-8C8E-587D6714DEB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7623D2B2-B37D-48BF-BB77-FF9FBB07D98F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:*:*:*:*:*:*:*:*",
"matchCriteriaId": "133078DA-A6A7-41FC-AB28-BCE5B3600B48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22089EF2-B027-4B88-A3F8-229A65D9DDEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E613A55C-F925-42A9-9A09-F03B0350B3B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F474C7-EB30-4069-A723-54269F5AFFE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589."
},
{
"lang": "es",
"value": "La implementaci\u00f3n DHCP en la caracter\u00edstica PowerOn Auto Provisioning (POAP) en Cisco NX-OS no restringe correctamente el proceso de inicializaci\u00f3n, lo que permite a atacantes remotos ejecutar comandos arbitrarios como root mediante el env\u00edo de paquetes de respuestas manipulados en la red local, tambi\u00e9n conocido como Bug ID CSCur14589."
}
],
"id": "CVE-2015-0658",
"lastModified": "2024-11-21T02:23:29.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-28T01:59:49.210",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1031992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031992"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D562562-099B-47D6-8A27-592960AEDB5C",
"versionEndExcluding": "9.3\\(2\\)",
"versionStartIncluding": "7.0\\(3\\)f2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2",
"versionEndExcluding": "7.0\\(3\\)i7\\(8\\)",
"versionStartIncluding": "7.0\\(3\\)i",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E305E4CC-859B-4697-A7C9-A55BA55FF949",
"versionEndExcluding": "7.3\\(6\\)n1\\(1\\)",
"versionStartIncluding": "7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68A586A3-0291-4BA3-9211-6EE0BBB7F39C",
"versionEndExcluding": "9.3\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE",
"versionEndExcluding": "14.2\\(1j\\)",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BA5E06-2264-4292-93E5-D32A2D81600E",
"versionEndExcluding": "3.2\\(3m\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA485BA3-323E-4505-BBE1-4B2AC9E5A00D",
"versionEndExcluding": "4.0\\(4f\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Cisco Discovery Protocol para Cisco NX-OS Software, podr\u00eda permitir a un atacante adyacente no autenticado ejecutar c\u00f3digo arbitrario o causar una recarga sobre un dispositivo afectado. La vulnerabilidad se presenta porque el analizador de Cisco Discovery Protocol no comprueba apropiadamente la entrada para determinados campos en un mensaje de Cisco Discovery Protocol. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un desbordamiento del b\u00fafer de la pila, lo que podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios administrativos sobre un dispositivo afectado. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusi\u00f3n que el dispositivo afectado (Capa 2 adyacente)."
}
],
"id": "CVE-2020-3119",
"lastModified": "2024-11-21T05:30:21.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-05T18:15:10.987",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-25 20:15
Modified
2024-11-21 05:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(0.116\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC4593C9-29B1-4456-AF09-5ACBEABEF68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2B7951C-8376-49C3-BF50-E6B65909A739",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36145717-6348-466D-87B4-B1A19F17BA55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBDCF9-562C-44BA-B709-F91346F6F99F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276BD181-125C-48EC-984C-29BAE20C21F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596B885-5312-489B-BBDB-A5374E525DE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EC10DA-FE01-4BA3-B49F-B164F697D4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1655CC-9BD5-4BD5-B113-776E4335D556",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA6F9ED-50A1-4D61-BC83-438585646856",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D99FFFFF-952F-4252-A08A-CDC3E6084595",
"versionEndExcluding": "4.0\\(4m\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89885F95-856F-47A6-8EEA-CBFF3D2D59A8",
"versionEndExcluding": "4.1\\(3d\\)",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7657D9-1513-4F6C-8FCC-A8E78FE6982E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D58479-CC4C-4CFE-9D7D-868063994AF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284368C0-501F-4E6C-B27C-39B81626F324",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DE795E-5E9E-4F35-B3A6-BF4FFCB2A793",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25B45087-CFAA-4A3A-A572-BC0290E8F7FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del comando system login block-for para el Software Cisco NX-OS, podr\u00eda permitir a un atacante remoto no autenticado causar que un proceso de inicio de sesi\u00f3n se reinicie inesperadamente, causando una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a un error l\u00f3gico en la implementaci\u00f3n del comando system login block-for cuando es detectado un ataque y se act\u00faa en consecuencia. Un atacante podr\u00eda aprovechar esta vulnerabilidad al llevar a cabo un ataque de inicio de sesi\u00f3n por fuerza bruta en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del proceso de inicio de sesi\u00f3n, que podr\u00eda resultar en un retraso durante la autenticaci\u00f3n en el dispositivo afectado."
}
],
"id": "CVE-2021-1590",
"lastModified": "2024-11-21T05:44:41.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-25T20:15:11.657",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Border Gateway Protocol (BGP) Multicast VPN (MVPN) de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado causar que un dispositivo afectado se recargue inesperadamente, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una comprobaci\u00f3n incompleta de entrada de un tipo espec\u00edfico de mensaje de actualizaci\u00f3n de BGP MVPN. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de este mensaje de actualizaci\u00f3n de BGP MVPN espec\u00edfico y v\u00e1lido hacia un dispositivo objetivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que una de las aplicaciones de enrutamiento relacionadas con BGP se reinicie varias veces, conllevando a un reinicio a nivel del sistema. Nota: La implementaci\u00f3n de Cisco de BGP acepta tr\u00e1fico BGP entrante solo de peers configurados expl\u00edcitamente. Para explotar esta vulnerabilidad, un atacante debe enviar un mensaje de actualizaci\u00f3n de BGP MVPN espec\u00edfico por medio de una conexi\u00f3n TCP establecida que parece provenir de un peer BGP confiable. Para hacerlo, el atacante debe obtener informaci\u00f3n sobre los peers BGP en la red confiable del sistema afectado"
}
],
"id": "CVE-2020-3397",
"lastModified": "2024-11-21T05:30:57.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:12.143",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6004E45-878B-4034-AD67-8D2CCB01E9B6",
"versionEndExcluding": "8.1\\(2\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA142B0-238F-45D7-B203-7A71EEB0C7BF",
"versionEndExcluding": "13.1\\(1i\\)",
"versionStartIncluding": "12.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7863D91-BA8E-4FB4-9294-8E0B92F42825",
"versionEndIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEED288-9710-4758-8F6A-50BB6CF8338F",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5BBD7E-7638-4725-B01E-37B0056521EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6A29A1-C498-4F98-81B6-F920AB038507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0F8DD-8150-45EB-8C0E-636C11C258A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8717918-2908-470C-BD41-6B466AF539F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572DBF51-E334-444B-B548-2539740E1D0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D3949-D212-4212-A651-07A631964448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2291E9C8-3816-49E6-843E-292686F5B6CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the IGMP Snooping subsystem. An attacker could exploit this vulnerability by sending crafted IGMP packets to an affected system. An exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCuv79620, CSCvg71263."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica Snooping IGMP (Internet Group Management Protocol) del software Cisco NX-OS podr\u00eda permitir que un atacante adyacente sin autenticar ejecute c\u00f3digo arbitrario y obtenga el control total de un sistema afectado. El atacante podr\u00eda tambi\u00e9n hacer que el sistema afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) en consecuencia. Esta vulnerabilidad se debe a un desbordamiento de b\u00fafer en el subsistema IGMP Snooping. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes IGMP manipulados a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute c\u00f3digo arbitrario y obtenga el control total del sistema afectado o haga que el sistema afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) como consecuencia. Esta vulnerabilidad afecta a Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode y Nexus 9000 Series Switches en modo NX-OS independiente. Cisco Bug IDs: CSCuv79620, CSCvg71263."
}
],
"id": "CVE-2018-0292",
"lastModified": "2024-11-21T03:37:54.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.297",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108394 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108394 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1D583A-2AB3-4E66-9DE9-24AD9CE0C850",
"versionEndExcluding": "2.4.1.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86770ECC-BC1D-42BC-A65B-FCE598491BEE",
"versionEndExcluding": "8.1\\(1b\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02E6779A-5759-4A83-B884-1B47FC124A22",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitar\u00eda credenciales de administrador para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1779",
"lastModified": "2024-11-21T04:37:21.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.320",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108394"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108394"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:44
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A2F42DB-B22B-4880-BA73-D0E0295190DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de un servicio de administraci\u00f3n de archivos interno para Cisco Nexus 3000 Series Switches y Cisco Nexus 9000 Series Switches en modo NX-OS dedicado que ejecutan el software Cisco NX-OS podr\u00eda permitir a un atacante remoto no autenticado crear, eliminar o sobrescribir archivos arbitrarios con privilegios de root en el dispositivo.\u0026#xa0;Esta vulnerabilidad se presenta porque el puerto TCP 9075 est\u00e1 configurado incorrectamente para escuchar y responder a peticiones de conexi\u00f3n externa.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes TCP dise\u00f1ados a una direcci\u00f3n IP configurada en una interfaz local en el puerto TCP 9075. Un ataque exitoso podr\u00eda permitir al atacante crear, eliminar o sobrescribir archivos arbitrarios, incluidos archivos confidenciales relacionados a la configuraci\u00f3n del dispositivo.\u0026#xa0;Por ejemplo, el atacante podr\u00eda agregar una cuenta de usuario sin que el administrador del dispositivo lo sepa"
}
],
"id": "CVE-2021-1361",
"lastModified": "2024-11-21T05:44:10.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:13.287",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-03 02:00
Modified
2024-11-21 02:23
Severity ?
Summary
The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1CB11917-C606-4025-A91A-596F7D47A311",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240."
},
{
"lang": "es",
"value": "La implementaci\u00f3n SNMP en Cisco NX-OS 6.1(2)I2(3) en los dispositivos Nexus 9000, cuando una pol\u00edtica Reset High Availability (HA) est\u00e1 configurada, permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuq92240."
}
],
"id": "CVE-2015-0686",
"lastModified": "2024-11-21T02:23:32.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-03T02:00:25.097",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1032021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032021"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-19 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40470 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/76372 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1033327 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40470 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/76372 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033327 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 7.3\(0\)zn\(0.81\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_31128pq | * | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 7.3\(0\)zn\(0.81\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | 7.3\(0\)zn\(0.81\) | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | 4.1\(2\)e1\(1c\) | |
| cisco | nexus_4001i | - | |
| cisco | nx-os | 7.2\(0\)n1\(0.1\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.81\\):*:*:*:*:*:*:*",
"matchCriteriaId": "49BBF13E-A73F-4042-A263-DCA99DD75D48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E262B017-866F-4C82-895B-F92B8D49E469",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.81\\):*:*:*:*:*:*:*",
"matchCriteriaId": "49BBF13E-A73F-4042-A263-DCA99DD75D48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.81\\):*:*:*:*:*:*:*",
"matchCriteriaId": "49BBF13E-A73F-4042-A263-DCA99DD75D48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75364901-EF60-471D-9119-63835F6BF139",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F6ED843-F0BB-46B6-BD11-982B96977123",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "185B1E14-1944-4BD2-AA45-0F5025EDDC84",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00faffer en Cisco NX-OS en dispositivos Nexus 1000V para VMware vSphere 7.3(0)ZN(0.81), dispositivos Nexus 3000 7.3(0)ZN(0.81), dispositivos Nexus 4000 4.1(2)E1(1c), dispositivos Nexus 7000 7.2(0)N1(0.1), y dispositivos Nexus 9000 7.3(0)ZN(0.81), permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del proceso IGMP) a trav\u00e9s de un paquete IGMPv3 mal formado que es manejado incorrectamente durante la asignaci\u00f3n de memoria, tambi\u00e9n conocida como Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732 y CSCuv48908."
}
],
"id": "CVE-2015-4324",
"lastModified": "2024-11-21T02:30:50.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-19T15:59:06.837",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76372"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033327"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-30 09:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "399568C2-4198-4D2C-B694-FF4EFE5E4710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F762E87A-BF80-4D33-ADDA-84369E068005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C2A169-117C-4F64-A6F0-748E7686260A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1A9850-0AF6-48B1-8D7B-309135DE7A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4:*:*:*:*:*:*:*",
"matchCriteriaId": "E42217F8-C85B-45D4-BA3B-F4303947E355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCBF1FE-C124-4DBA-B127-D484D5C9110C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*",
"matchCriteriaId": "E575893D-81E5-47E6-9531-50E044C2C3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF918D59-4D57-4C18-9FF5-AE6636F24484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B36B056-C068-4413-B648-1D1D6026B823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "399568C2-4198-4D2C-B694-FF4EFE5E4710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad NX-API de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado causar que un proceso del sistema NX-API se reinicie inesperadamente. La vulnerabilidad es debido a una comprobaci\u00f3n incorrecta del encabezado HTTP de una petici\u00f3n que se env\u00eda a NX-API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una petici\u00f3n HTTP especialmente dise\u00f1ada a NX-API en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio NX-API; sin embargo, el dispositivo NX-OS en s\u00ed todav\u00eda estar\u00eda disponible y pasando el tr\u00e1fico de red. Nota: La funcionalidad NX-API est\u00e1 deshabilitada por defecto."
}
],
"id": "CVE-2019-1968",
"lastModified": "2024-11-21T04:37:47.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-30T09:15:20.380",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-116"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-30 09:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7688EC58-4647-4A08-9E86-A71EA7C41B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*",
"matchCriteriaId": "E575893D-81E5-47E6-9531-50E044C2C3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad Simple Network Management Protocol (SNMP) Access Control List (ACL) de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado realizar el sondeo SNMP de un dispositivo afectado, incluso si se configura para denegar el tr\u00e1fico SNMP. La vulnerabilidad es debido a una comprobaci\u00f3n de longitud incorrecta cuando el nombre de ACL configurado es de la longitud m\u00e1xima, que es 32 caracteres ASCII. Un atacante podr\u00eda explotar esta vulnerabilidad realizando el sondeo SNMP de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante realizar el sondeo SNMP que deber\u00eda haber sido denegado. El atacante no tiene ning\u00fan control de la configuraci\u00f3n del nombre de la ACL de SNMP."
}
],
"id": "CVE-2019-1969",
"lastModified": "2024-11-21T04:37:47.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-30T09:15:20.443",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6004E45-878B-4034-AD67-8D2CCB01E9B6",
"versionEndExcluding": "8.1\\(2\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB1EB12-3456-4001-9CF0-D9E25CCD3A54",
"versionEndExcluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "129FB11D-7F37-4951-A3D2-9C12F74F5583",
"versionEndExcluding": "3.2\\(2b\\)",
"versionStartIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0246716-64E9-4CCA-9546-A3A40D375E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesador de paquetes entrantes SNMP (Simple Network Management Protocol) del software Cisco NX-OS podr\u00eda permitir que la aplicaci\u00f3n SNMP se reinicie inesperadamente en un dispositivo afectado. La vulnerabilidad se debe a la validaci\u00f3n incorrecta de unidades de datos del protocolo SNMP (PDU) en los paquetes SNMP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete SNMP manipulado a un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque que la aplicaci\u00f3n SNMP se reinicie varias veces, lo que conduce a un reinicio a nivel de sistema y a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad afecta a Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977."
}
],
"id": "CVE-2018-0291",
"lastModified": "2024-11-21T03:37:54.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.217",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "980B41C7-4122-4D8B-9AAB-2D7BBBC5A7B3",
"versionEndExcluding": "4.2\\(0.21c\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n del software de Cisco Application Policy Infrastructure Controller (APIC) podr\u00eda permitir a un atacante adyacente sin autenticar obtener acceso no autorizado a un dispositivo afectado. La vulnerabilidad se debe a una falta de mecanismos de control de acceso adecuados para la conectividad IPv6 (link-local) que se impone en la interfaz de gesti\u00f3n de un dispositivo afectado. Un atacante en la misma red f\u00edsica podr\u00eda explotar esta vulnerabilidad intentando conectarse a la direcci\u00f3n IPv6 (link local) en el dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante omitir las restricciones de control de acceso en un dispositivo afectado. Los dispositivos de Cisco Application Policy Controller (APIC) en versiones anteriores a 4.2(0.21c) se ven afectados."
}
],
"id": "CVE-2019-1690",
"lastModified": "2024-11-21T04:37:06.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-11T21:29:01.090",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-07 11:59
Modified
2024-11-21 02:46
Severity ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
| sun | opensolaris | snv_124 | |
| zyxel | gs1900-10hp_firmware | * | |
| zzinc | keymouse_firmware | 3.08 | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | base | |
| sun | opensolaris | snv_124 | |
| zyxel | gs1900-10hp_firmware | * | |
| zzinc | keymouse_firmware | 3.08 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5867B4-EC19-45D4-87BE-867E1D41ECD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*",
"matchCriteriaId": "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21D9999F-C55E-4BAB-A401-007FB34B2A5E",
"versionEndExcluding": "2.50\\(aazi.0\\)c0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*",
"matchCriteriaId": "83223AC7-22F3-4FCA-B11B-B769086DCF04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*",
"matchCriteriaId": "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21D9999F-C55E-4BAB-A401-007FB34B2A5E",
"versionEndExcluding": "2.50\\(aazi.0\\)c0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*",
"matchCriteriaId": "83223AC7-22F3-4FCA-B11B-B769086DCF04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998."
},
{
"lang": "es",
"value": "Dispositivos Cisco Application Policy Infrastructure Controller (APIC) con software anterior a 1.0(3h) y 1.1 en versiones anteriores a 1.1(1j) y switches Nexus 9000 ACI Mode con software anterior a 11.0(3h) y 11.1 en versiones anteriores a 11.1(1j) permite a usuarios remotos autenticados eludir las restricciones destinadas RBAC a trav\u00e9s de peticiones REST manipuladas, tambi\u00e9n conocido como Bug ID CSCut12998."
}
],
"id": "CVE-2016-1302",
"lastModified": "2024-11-21T02:46:08.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-07T11:59:01.943",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1034925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034925"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-16 02:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D14AF388-8D72-45DF-A268-4ACE8472F65C",
"versionEndExcluding": "8.3\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de un comando CLI espec\u00edfico para el programa NX-OS de isco podr\u00eda permitir que un atacante local autenticado con credenciales de administrador origine una condici\u00f3n de desbordamiento del b\u00fafer o realice una inyecci\u00f3n de comandos. Esto podr\u00eda permitir al atacante ejecutar comandos arbitrarios con privilegios elevados en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a un determinado comando CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento del comando CLI afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios de root. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para explotar estas vulnerabilidades."
}
],
"id": "CVE-2019-1768",
"lastModified": "2024-11-21T04:37:20.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T02:29:00.247",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108386"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-27 10:59
Modified
2024-11-21 02:30
Severity ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39529 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/75433 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1032735 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39529 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75433 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032735 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 1.0\(1.110a\) | |
| cisco | nx-os | 1.0\(1e\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:1.0\\(1.110a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ADE956FC-1BEF-40E6-AD94-B61ABBAC22EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:1.0\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "60E0DFB9-D722-445D-B9CD-AA36B4CDC659",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485."
},
{
"lang": "es",
"value": "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) y 1.0(1e) en los dispositivos Nexus 9000 no implementa correctamente la puntuaci\u00f3n de salud RBAC, lo que permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuq77485."
}
],
"id": "CVE-2015-4225",
"lastModified": "2024-11-21T02:30:40.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-27T10:59:01.173",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75433"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032735"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Enable Secret de Cisco Nexus 3000 Series Switches y Cisco Nexus 9000 Series Switches en modo NX-OS independiente, podr\u00eda permitir a un atacante local autenticado emitir el comando enable y conseguir privilegios administrativos completos. Para explotar esta vulnerabilidad, el atacante necesitar\u00eda tener credenciales v\u00e1lidas para el dispositivo afectado. La vulnerabilidad es debido a un error l\u00f3gico en la implementaci\u00f3n del comando enable. Un atacante podr\u00eda explotar esta vulnerabilidad al iniciar sesi\u00f3n en el dispositivo y emitiendo el comando enable. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conseguir privilegios administrativos completos sin usar la contrase\u00f1a de habilitaci\u00f3n. Nota: La funcionalidad Enable Secret est\u00e1 desactivada por defecto"
}
],
"id": "CVE-2020-3394",
"lastModified": "2024-11-21T05:30:56.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T16:15:12.037",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:43
Severity ?
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C64CC640-B37D-4064-8946-B8CCCDE1A6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8983275-20C6-487E-A265-3836F06AB226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CBCA0A4F-D475-405C-B9A7-EBB0A816B9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA0E0039-23E1-425B-8B2C-DFE2C185CC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C3FB2AC-934D-4F12-9E9B-EA5F0731DA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BACE91F5-EC9B-4486-80F1-CFC3DA570B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C60E5B9-10AB-4A69-B28D-0D526756E6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "979FEE23-2C28-4212-9DA5-10A0EAFE1668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B610400-181F-4621-B27B-18C2609990DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4585B70C-E162-42FA-9CB8-42C1F34017AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(3o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EFC3F541-E417-4FC1-8C35-5B162F35F4F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "627482D8-0464-4B96-B36A-25D151F1525E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "788E6471-F000-45A7-9829-71F7AE5ED1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BCD04718-6743-40A1-9115-A172D1C37835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(4q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0277D6FD-2A73-45E9-ADA3-64998B7E4668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAA00485-725D-467C-9152-DF325507E248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7D7ED5D0-12BD-483C-902B-CF1AE23611E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "582C120A-DFA9-40F8-875A-C7875D9D93F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "040EFFE2-EE24-46EA-B77B-7FDCCF66923D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4FB814B0-24AE-4C62-9CCE-5D572D0FC0A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "92FAEF9F-724D-43E9-8916-BEF64A9B8F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EA448665-A433-4C40-940D-1165C6A2777F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "061AC794-EDA5-4166-85D1-EA827685C0F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FFE372D3-4978-4C78-AE1A-14E29ED00D46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A11D005-53E4-4575-8EAC-86F9DDB62FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "952CC9AA-D03C-44F5-8600-78C1E20D0F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74F6CC3C-BFCB-4CD6-830E-6A2C29EB0923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(4m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C27C3B5E-AD72-4A32-BE7B-885AE8DFB480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2C5F386-C135-4AED-9F96-388E324F09BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "669CF375-763C-4B83-8291-85F7CE8297F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9188E945-D4A9-47A7-8588-302762510C2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "36A00C1F-7270-4E2F-8420-8567336AD1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22EE58D9-D1BF-41BD-B331-A3472D38B1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58B28302-6700-4B2C-9531-6BECA5113D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C470740F-386B-472E-AD18-D8954AD5BE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E34C017B-E9C3-48B8-AB7E-0A8C6CD8788B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED0CF9B2-356D-45C5-BFCD-94155E1A2F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2478A831-330D-4526-8A2C-DC8C0F6973ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EAB57FD7-4350-4BFD-A6CF-EDA674AD31BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71B4FF76-FBC5-4742-B784-90AFBE8E2767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28328D72-D898-48C4-B7A9-D97E321C9D99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1569E0F4-33D1-408D-88DC-26822447F325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF454C26-1558-405A-B99C-ADF7A9E91B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA86F8E0-58FB-4CA5-9541-E9D55BED533D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F031ABAD-3D20-4374-ABBE-24D5C01BE910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F227E127-08EE-4A86-956C-BBBDB49925A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0CD7AC4-58DD-4795-AB15-EFA214111B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "64581189-9370-487A-9196-D0421CB3636E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BEE5B22-F9D3-4EAA-A552-7F0271080632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74DB471F-43AF-4E94-99B0-7D38CB3F5943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9217FBFE-2708-440A-90F9-0562C159DE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5BA5F46C-3172-4509-856F-703E0B517E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E07DC9A1-E4BA-474C-96C2-0B73704628AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "027DCF27-E201-4713-A1AC-526C6CA04343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40B05631-0319-4AFA-867A-2AECEAD449CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "771CD71E-4F24-4ACC-8D86-11429379093B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "906C7861-3266-445E-BBAB-64B757229A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "782E194A-E91E-4C72-A86A-5BD2B9CE19BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4CE062A4-FD32-41E5-A5B2-06BED72140E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52016BB9-A37D-4F3A-BEB4-77CF84193652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE8D042D-35C6-4BDF-9CD7-9125B19DC415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50F91C27-4625-4CCD-B2EB-7F34F286AB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F65D3CE3-CA53-4A13-AD86-E59196B586FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC4633AD-6CBA-4E7B-BC9D-DCCBE1F2C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04B6FAA5-D3CF-4463-9DE9-6F472DC78B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1A8E4CF-2EF7-45E8-A4FE-5BEA54617D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0A7F045-BE20-4B1D-8A0D-38A651B77EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8DB4683-C8B2-4013-85C5-A1B5F01790B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF031A0E-9C92-4931-8433-EAF9F9BA0DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E66B8A3B-AE6E-4876-9C14-54B24F91229C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57B9178C-DD7F-4FE4-BC24-7025F90A4E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5288A19-E08E-4748-A6F8-C095746D8B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4DBC06D8-E9B3-4400-A7E5-7EE6A3B8C9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46C5D5D2-B2B9-4A9A-84D5-6F04E3F8694F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FDFA97CC-F9AD-42A8-8FBE-D986E729336C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "49DCFBB0-E1DA-4F4D-877A-BC6075775EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E02BE71-98EB-494D-A808-42A3B2A0A72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B74C309-446F-4EAC-939E-43BC8167FE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(2q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EA38368-8EE4-4480-9A9A-D12992108475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BFCAE710-1789-4D3A-AC2E-E6A523037172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E7A6830-C15E-4690-8C1A-5044A3B01C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69051EB0-D60F-4E30-8939-088E50422A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5135CDF-5991-4CC9-9C4C-CC0DADEA8C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(3t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00DF4FCE-1B71-4A28-989C-AE4C5F2B3343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6049CBB-7445-4A77-867B-5D59DF0C9332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58BE5188-775E-42A9-BCCF-0DBACDDFC045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "762B4A37-3D8C-4172-A8FF-14F470CBDBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.2\\(4r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9BCF174-6D01-4C1A-AF7F-B91EDD16E010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94E4F174-8F51-41AF-82C7-0CA577753191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "353FD814-0812-4B90-B8F0-D372E85CF40B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71AF6628-3E98-4D66-B4A9-9EA16519719A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E52B312E-9C91-40F7-BACB-1550D6632477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "746D1151-BEC2-4404-A7CF-651D8BFA3412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(1p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52CE3E73-8EC6-49D1-837F-2FBFDD51802C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B774106E-DC00-4F79-A5F9-390483A9FBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26676350-6635-4B97-8A1E-250E06A177CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA426885-C1FB-4DB5-900A-7C7882956BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.0\\(2n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5C1581-9C53-4093-BBCA-67F57CE24C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D548C85A-F98B-49BF-A6C3-ADEB60124822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "970718D9-4789-414B-8ED2-FBF914B4047C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C45D91E-5AA4-46B4-9A87-75480AC04732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "973B7EE9-6B18-4D1D-8DEE-3C43D0CEB89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "32083CFE-1DAE-4BE2-AFB9-B2806F809191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0D61DA2-28B2-49E5-8739-38113455BD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E20496D-D83C-4CD3-B1A3-EEE0D165F609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71425F24-4C89-49C1-9B5E-68FAFE04F89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.1\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "310CF610-34E9-45F2-B01A-76DDEC40A040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09A32C04-1467-4564-A18E-EF2AAEF64244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED378075-D761-4D0D-8852-93616EA2F9BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(2l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C9BD58D-3AE9-49C7-AE94-74878CD109B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46D16C20-D68E-4118-B8D4-D6A2044DCD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ABCDA33D-8576-4DF6-90A1-710CA3F78F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D302931B-4425-40A6-BF7E-97FAB43D0778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CEBC0A74-551B-4BD1-A59A-80C119362D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F36E0CC9-7DD7-439B-B83F-F96DEF5B2A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F50E84B-7CAC-4832-96C5-9885F0F9DFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DEB8A917-6F49-4636-AF8C-8C18BAACE661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(4d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "79ECC89F-7F84-42E0-AF0F-4C9A609131E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A9AC0D9-D8D4-480F-B1B7-84D17AF4ABC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28A0A2C2-6E9F-4A08-9ED8-6FD4E8203053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FCE26439-5B15-48F4-8E02-CC45A76297A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(5f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F8744322-4D27-44BB-9573-BDEC9E8F6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(6i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83C1841C-9D9B-4A22-9080-724BC75A004E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3E54C78E-93FE-4E22-A37A-25D07AF7C7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(7k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED709475-D435-492E-A295-3F3202CB6CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(8d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20DBADBC-106E-4D0D-B6F1-F5859AD84DE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B226BA8E-FC1E-44FF-9A91-837F355E53B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BA59F5B-43FE-4051-9D27-F83A7A39141E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(9h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3883FD9C-0BCB-4865-81B6-854C8C4EC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:13.2\\(41d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A52F12E-8EAD-40B8-BB6D-54FAD8718AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4F75D6B-D48A-4B5E-A1DF-EEBFEBFE6073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FB1B81AF-FC0F-42B6-98C0-BEC432C7BAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87C5BB7A-3B2B-4AE3-A626-04FD1BB1E9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDEB393A-9687-4E52-9837-B2C9E8F22D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E1BE98A-95AE-4D11-B427-68D25FE60720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CD61CB15-1955-4A81-9F8E-02F207094260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "455F4A6C-428C-494F-B70C-A891B83EBEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "322088F6-DF10-4C58-92F3-0FFBF469A6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20BFA5E5-0ECC-4A1F-A936-1F325A810334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7ECA1140-9DE0-4BC9-A381-A8DCB5BEA4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F5FCA86-82A3-4540-B827-BD752D9E0465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B8DE7D4-EFEC-487B-8250-251F9EA36BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83EA47AA-6F3B-4A48-81A0-2CA8D6696B27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89662D5F-AEEC-4DEB-AB8B-6A95D0A4B1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(2x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40D5076C-6C6F-44F9-91D7-D8F2FEB21310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8296DD01-9CE0-4734-97A1-43250AD87453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77FC6FCC-9C86-43CB-A008-82E5C3E5B791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AD71858-CA76-4BE3-8B4F-626959F6A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "38F4C42B-D975-46B5-8A18-1D6F72A294F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58277DB8-BBC7-4639-8967-FCBAB029641E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E6354B7-3CBA-4E09-93F6-B49717B2A78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C693C8FA-3324-4439-B177-6FAE387DB23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "949C0F31-77ED-49CC-870D-70104AA908A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(3q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "007BDA28-37AD-4F37-B351-C3BE0B8418F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9563DBDC-D2C0-4C7C-A246-EC95DC4581CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09CF92FC-B053-4234-830F-683E06807545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61DF8B69-D0B7-455F-A50E-5930948BED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(4p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "724603DA-06C9-4E64-B495-A90AD9BF31E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(5k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D1255013-E3BC-4048-BD50-4641C0048FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAFC12-85C7-4FD1-B46E-D8268D00DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F988380-7BAE-4E9C-B1E2-D3F7389E2FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11E2E40A-CCD5-4CA7-826E-10923BED72E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95A5C1D4-EAE5-4E3F-AFCC-96B1ECDA91EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el protocolo Link Layer Discovery Protocol (LLDP) para Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI) podr\u00eda permitir a un atacante adyacente no autenticado deshabilitar la conmutaci\u00f3n en una interfaz small form-factor pluggable (SFP).\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n incompleta del origen de un paquete LLDP recibido.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete LLDP dise\u00f1ado en una interfaz SFP a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante deshabilitar la conmutaci\u00f3n en la interfaz SFP, lo que podr\u00eda interrumpir el tr\u00e1fico de la red"
}
],
"id": "CVE-2021-1231",
"lastModified": "2024-11-21T05:43:53.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:13.193",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:44
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A2F42DB-B22B-4880-BA73-D0E0295190DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33600D17-FBBD-4314-AAE6-95E78A5F32EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BE8368-6B37-4C2C-980F-412CA6E87A2C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2749521-2922-4F15-9467-AFD8D9F15C91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "902F5C0B-F379-464C-8DED-C166004FE97B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75507216-258C-4501-AD98-CC9BB2EA5E14",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Protocol Independent Multicast (PIM) del software Cisco NX-OS, podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete PIM dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un bucle de tr\u00e1fico, lo que resultar\u00eda en una condici\u00f3n DoS"
}
],
"id": "CVE-2021-1367",
"lastModified": "2024-11-21T05:44:11.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:13.363",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B77DE7C-8F8A-4474-BA11-401B6A07C18E",
"versionEndExcluding": "7.1\\(5\\)n1\\(1\\)",
"versionStartIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5FF890-017A-4F2B-9253-8149FA484066",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "991285C8-2BD5-4C84-8DA0-4C500B519267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "627E5170-669E-41CB-BEA7-9DA6C6C4FF44",
"versionEndExcluding": "6.2\\(20\\)",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B60929-1E25-49F2-9C11-7A613E6CE1E7",
"versionEndExcluding": "7.2\\(2\\)d1\\(3\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9223B362-B27F-49FF-AFB2-8F39C43C4510",
"versionEndExcluding": "7.3\\(2\\)d1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C06BC203-6A1D-4427-B368-46CDE4110F2E",
"versionEndExcluding": "8.1\\(2\\)",
"versionStartIncluding": "8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18F3A094-63D1-45B8-B0D2-D84BAD19BB8A",
"versionEndExcluding": "8.2\\(1\\)",
"versionStartIncluding": "8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B36B056-C068-4413-B648-1D1D6026B823",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5219768E-0988-4F66-8D53-23EAD5819F35",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE82469-C112-4BF3-848B-ACDA7000B235",
"versionEndExcluding": "8.1\\(1a\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EB1DA63-8A73-4BBC-AD53-469B0559A112",
"versionEndExcluding": "2.2\\(8g\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF9D209-A6D9-4502-A1EC-E9FE1457A547",
"versionEndExcluding": "3.1\\(2f\\)",
"versionStartIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0246716-64E9-4CCA-9546-A3A40D375E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A5AB957-E691-4088-AB25-33AB9C88F73F",
"versionEndExcluding": "2.0.1.153",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B56E81C-0822-4B76-8F24-9A85A5DD84A6",
"versionEndExcluding": "2.2.2.14",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5712D110-FF7D-4A6A-A592-0245709BC6B3",
"versionEndExcluding": "2.2.1.70",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86A5F522-BA5D-4CF2-B166-9D84ECF33F4E",
"versionEndExcluding": "2.0.1.152",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B56E81C-0822-4B76-8F24-9A85A5DD84A6",
"versionEndExcluding": "2.2.2.14",
"versionStartIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el subsistema Cisco Discovery Protocol (anteriormente conocido como CDP) de los dispositivos que ejecutan, o se basan en, Cisco NX-OS Software podr\u00eda permitir que un atacante adyacente sin autenticar cree una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un error a la hora de validar adecuadamente ciertos campos en un mensaje Cisco Discovery Protocol antes de procesarlo. Un atacante que pueda enviar un mensaje Cisco Discovery Protocol destinado a desencadenar este problema podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado mientras el dispositivo se reinicia. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000 y CSCve41007."
}
],
"id": "CVE-2018-0331",
"lastModified": "2024-11-21T03:37:59.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:00.773",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-25 20:15
Modified
2024-11-21 05:44
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C1BC928-7DB9-499A-8CF4-90C98218E9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2636B1F1-8C40-44A4-B96B-C84EC244685E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C8A71DEB-93CD-4827-9F9E-3A0DFFAD145A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Operation, Administration, and Maintenance (OAM) de MPLS del Software Cisco NX-OS, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de la entrada cuando un dispositivo afectado est\u00e1 procesando un paquete de eco-petici\u00f3n o eco-respuesta MPLS. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes maliciosos de eco-solicitud o eco-respuesta MPLS a una interfaz que est\u00e9 habilitada para el reenv\u00edo MPLS en el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el proceso de MPLS OAM se bloquee y se reinicie varias veces, causando que el dispositivo afectado se recargue y resultando en una condici\u00f3n de DoS."
}
],
"id": "CVE-2021-1588",
"lastModified": "2024-11-21T05:44:41.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-25T20:15:11.537",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-126"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-24 10:59
Modified
2024-11-21 02:30
Severity ?
Summary
Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39469 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/75378 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1032712 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39469 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75378 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032712 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 1.1\(1g\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:1.1\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "259E6EC6-B4CC-40A0-8250-E486AD621ACD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391."
},
{
"lang": "es",
"value": "Cisco NX-OS 1.1(1g) en los dispositivos Nexus 9000 permite a usuarios remotos autenticados descubrir contrase\u00f1as en texto claro mediante el aprovechamiento de la existencia de un mecanismo de descifrado, tambi\u00e9n conocido como Bug ID CSCuu84391."
}
],
"id": "CVE-2015-4213",
"lastModified": "2024-11-21T02:30:38.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-24T10:59:09.073",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75378"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032712"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-19 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40431 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1033267 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40431 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033267 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 11.1\(1c\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE500E08-7AC5-4086-8B83-20E24CB5DDAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device\u0027s filesystem, aka Bug ID CSCuu77225."
},
{
"lang": "es",
"value": "Vulnerabilidad en Cisco NX-OS en dispositivos Nexus 9000 11.1(1c), permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (cuelgue de dispositivo) a trav\u00e9s de archivos de gran tama\u00f1o que son copiados al sistema de archivos de un dispositivo, tambi\u00e9n conocida como Bug ID CSCuu77225."
}
],
"id": "CVE-2015-4301",
"lastModified": "2024-11-21T02:30:47.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-19T15:59:03.727",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033267"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. The vulnerability is due to incorrect input validation of user-supplied data to the NX-API subsystem. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Note: NX-API is disabled by default. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd47415, CSCve03216, CSCve03224, CSCve03234.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE7BCA11-7B09-43A3-A589-59D48402F564",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0\\(1\\)s20:*:*:*:*:*:*:*",
"matchCriteriaId": "20F27BA1-8824-4576-A737-20910CC6EBE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0\\)bd\\(0.20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F66360CD-CCCF-4DE7-86F1-996175B4503C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.97\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "656E0EE0-4693-4388-88D5-353CF309866E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0\\)bd\\(0.20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F66360CD-CCCF-4DE7-86F1-996175B4503C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0438A-0275-49B1-91BF-437917F3A4BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5BBD7E-7638-4725-B01E-37B0056521EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6A29A1-C498-4F98-81B6-F920AB038507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0F8DD-8150-45EB-8C0E-636C11C258A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8717918-2908-470C-BD41-6B466AF539F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572DBF51-E334-444B-B548-2539740E1D0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D3949-D212-4212-A651-07A631964448",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2291E9C8-3816-49E6-843E-292686F5B6CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35D4AA-24B3-428E-84ED-804EF941E9A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. The vulnerability is due to incorrect input validation of user-supplied data to the NX-API subsystem. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Note: NX-API is disabled by default. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd47415, CSCve03216, CSCve03224, CSCve03234."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica NX-API del software Cisco NX-OS podr\u00eda permitir que un atacante remoto autenticado env\u00ede un paquete malicioso a la interfaz de gesti\u00f3n de un sistema afectado y ejecute un exploit de inyecci\u00f3n de comandos. Esta vulnerabilidad se debe a la validaci\u00f3n incorrecta de entradas del datos proporcionados por el usuario en el subsistema NX-API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete HTTP o HTTPS malicioso a la interfaz de gesti\u00f3n de un sistema afectado que tenga la caracter\u00edstica NX-API habilitada. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante ejecute comandos arbitrarios con privilegios root. Nota: NX-API est\u00e1 deshabilitado por defecto. La vulnerabilidad afecta a MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente y los m\u00f3dulos Line Cards y Fabric de Nexus 9500 R-Series. Cisco Bug IDs: CSCvd47415, CSCve03216, CSCve03224, CSCve03234."
}
],
"id": "CVE-2018-0313",
"lastModified": "2024-11-21T03:37:57.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T11:29:00.727",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(0.354\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E37D2258-0776-4EA8-9342-4F90DF77C33E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17C275C2-9082-47EC-B525-9EAA427A083B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B17D00-490A-42CE-9DBB-EF8D30264546",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "262C95B9-0B56-48FD-BEE4-6680839D21A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "262C95B9-0B56-48FD-BEE4-6680839D21A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0246716-64E9-4CCA-9546-A3A40D375E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD4FA53-E048-4F10-800A-0C213F361139",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FC0A3F-4682-47D9-8095-6805E33979BF",
"versionEndExcluding": "2.0.1.159",
"versionStartIncluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0AC7D7-0569-497E-B38E-2758410A750D",
"versionEndExcluding": "2.1.1.86",
"versionStartIncluding": "2.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD4FA53-E048-4F10-800A-0C213F361139",
"versionEndExcluding": "2.2.2.17",
"versionStartIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FC0A3F-4682-47D9-8095-6805E33979BF",
"versionEndExcluding": "2.0.1.159",
"versionStartIncluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C28214D7-90AA-4917-AC87-BE9F481BBE2C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_4001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56193DB3-79DC-47D1-A629-D22EFC57D590",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica escritura-borrado del software Cisco FXOS y Cisco NX-OS podr\u00eda permitir que un atacante local autenticado configure una cuenta de administrador no autorizada para un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no elimina correctamente los archivos sensibles cuando determinados comandos de la interfaz de l\u00ednea de comandos se emplean para limpiar la configuraci\u00f3n del dispositivo y recargarlo. Un atacante podr\u00eda explotar esta vulnerabilidad iniciando sesi\u00f3n en un dispositivo afectado como usuario administrativo y configurando una cuenta no autorizada en el dispositivo. La cuenta no requerir\u00eda una contrase\u00f1a para autenticarse y ser\u00eda accesible solo mediante una conexi\u00f3n SSH (Secure Shell) al dispositivo. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante configure una cuenta no autorizada con privilegios administrativos, que no requiere contrase\u00f1a para autenticarse y no aparece en la configuraci\u00f3n en ejecuci\u00f3n o los registros de auditor\u00eda para el dispositivo afectado. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753."
}
],
"id": "CVE-2018-0294",
"lastModified": "2024-11-21T03:37:54.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.390",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-03 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9000_series_application_centric_infrastructure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F856D67-3314-4B08-BD96-DACBFEA6979B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la administraci\u00f3n del sistema de archivos para el programa Cisco Nexus 9000 Series Application Centric Infrastructure (ACI), podr\u00eda permitir a un atacante local autorizado con derechos de administrador conseguir privilegios elevados como usuario tipo root en un dispositivo afectado. La vulnerabilidad se debe a los permisos de archivos excesivamente flexibles de archivos espec\u00edficos del sistema. Un atacante podr\u00eda aprovechar esta vulnerabilidad al identificarse en un dispositivo afectado, crear una cadena de comandos creada y escribir esta cadena en una ubicaci\u00f3n espec\u00edfica del archivo. Una operaci\u00f3n exito podr\u00eda permitir al atacante ejecutar comandos de sistema operativo arbitrarios tipo root en un dispositivo afectado. El atacante deber\u00eda tener credenciales de administrador v\u00e1lidas para el dispositivo."
}
],
"id": "CVE-2019-1803",
"lastModified": "2024-11-21T04:37:24.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-03T17:29:00.737",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-03 10:59
Modified
2024-11-21 02:30
Severity ?
Summary
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39569 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/75503 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1032764 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39569 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75503 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032764 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.2\(10\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED7B1216-4C4F-4A23-9474-23876649ABF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856."
},
{
"lang": "es",
"value": "Cisco NX-OS 6.2(10) en los dispositivos Nexus y MDS 9000 permite a usuarios locales ejecutar comandos del sistema operativo arbitrarios mediante la entrada de par\u00e1metro tar manipulados en la interfaz l\u00edneas de comando, tambi\u00e9n conocido como Bug ID CSCus44856."
}
],
"id": "CVE-2015-4232",
"lastModified": "2024-11-21T02:30:40.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-03T10:59:01.343",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75503"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032764"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0041E4-EBDC-465A-B593-E7C353EF0D8F",
"versionEndExcluding": "8.3\\(2\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F8E70D-012F-4465-AC5B-D31563BE219A",
"versionEndExcluding": "2.2.2.91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2C8263-BA5C-41D0-ABD9-42925B94BF84",
"versionEndExcluding": "2.3.1.130",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564D0A43-37E4-477A-8ADD-5D2FC8092142",
"versionEndExcluding": "2.4.1.222",
"versionStartIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB",
"versionEndExcluding": "4.0\\(1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitar\u00eda credenciales de administrador para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1781",
"lastModified": "2024-11-21T04:37:21.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.400",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108407"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-25 20:15
Modified
2024-11-21 05:44
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD6D7D62-660F-49AB-96D7-189778A42394",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podr\u00eda permitir a un atacante local autenticado elevar los privilegios en un dispositivo afectado. Esta vulnerabilidad es debido a las restricciones insuficientes durante la ejecuci\u00f3n de un comando CLI espec\u00edfico. Un atacante con privilegios administrativos podr\u00eda explotar esta vulnerabilidad al llevar a cabo un ataque de inyecci\u00f3n de comandos en el comando vulnerable. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante acceder al sistema operativo subyacente como root."
}
],
"id": "CVE-2021-1584",
"lastModified": "2024-11-21T05:44:40.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-25T20:15:11.177",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-25 20:15
Modified
2024-11-21 05:44
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11E2E40A-CCD5-4CA7-826E-10923BED72E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:15.1\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C78C9E79-C6DC-4FE3-8B79-A9BEBED9A67D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en las configuraciones de red Multi-Pod o Multi-Site para Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podr\u00eda permitir a un atacante remoto no autenticado reiniciar inesperadamente el dispositivo, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se presenta porque el tr\u00e1fico TCP enviado a un puerto espec\u00edfico en un dispositivo afectado no se sanea apropiadamente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de datos TCP dise\u00f1ados a un puerto espec\u00edfico que est\u00e1 escuchando en una direcci\u00f3n IP p\u00fablica para la configuraci\u00f3n de Multi-Pod o Multi-Site. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo se reinicie inesperadamente, resultando en una condici\u00f3n de DoS."
}
],
"id": "CVE-2021-1586",
"lastModified": "2024-11-21T05:44:40.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-25T20:15:11.237",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D14AF388-8D72-45DF-A268-4ACE8472F65C",
"versionEndExcluding": "8.3\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de un comando espec\u00edfico CLI para el software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con credenciales de administrador genere una condici\u00f3n de desbordamiento del b\u00fafer o realice una inyecci\u00f3n de comandos. Esto podr\u00eda permitir al atacante ejecutar comandos arbitrarios con elevados privilegios sobre el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a un determinado comando CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento del comando CLI afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios de raiz. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar estas vulnerabilidades. Las versiones de NX-OS anteriores a 8.3 (1) est\u00e1n afectadas."
}
],
"id": "CVE-2019-1767",
"lastModified": "2024-11-21T04:37:19.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T19:29:00.697",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108386"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-03 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nexus_9332pq_firmware | 14.0\(3d\) | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93180yc-ex_firmware | 14.0\(3d\) | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93128tx_firmware | 14.0\(3d\) | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93120tx_firmware | 14.0\(3d\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93108tc-ex_firmware | 14.0\(3d\) | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_9516_firmware | 14.0\(3d\) | |
| cisco | nexus_9516 | - | |
| cisco | nexus_9508_firmware | 14.0\(3d\) | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9504_firmware | 14.0\(3d\) | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9500_firmware | 14.0\(3d\) | |
| cisco | nexus_9500 | - | |
| cisco | nexus_9396tx_firmware | 14.0\(3d\) | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9396px_firmware | 14.0\(3d\) | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9372tx_firmware | 14.0\(3d\) | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372px_firmware | 14.0\(3d\) | |
| cisco | nexus_9372px | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9332pq_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30DB41FE-EC1D-4116-A4BA-5F578016D38E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-ex_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C57C5155-B51A-4FB6-8352-10930C68C83B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93128tx_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8D17B-FC0B-4ACA-B8F3-7D0C74211A62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93120tx_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "27BEE2C5-B41C-4C06-BA4B-44736ADF90CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-ex_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5B1EEB5-5EA3-4870-B312-3E97DF71128C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9516_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EA969704-C381-46F2-9381-A908799C6FD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9508_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D905244-4924-4DD7-87E8-76FDB3AAF648",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9504_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07C8F61A-61C1-42EB-88FD-BDCFEBA3CFB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B09EE34F-FA8C-42BC-89BD-A162186C8FA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9396tx_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1EDC87DF-259C-46B5-BCCF-48957BA7D4EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9396px_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00629264-0F72-42E7-A4D1-B8C1ADBB417E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372tx_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F2F0E62-4135-4E45-BDB1-9C745D46C732",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372px_firmware:14.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E5C4F2E-AF6F-4212-892F-E945CFD2C0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la gesti\u00f3n de claves SSH para el software Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch podr\u00eda permitir que un atacante remoto no autenticado se conecte al sistema afectado con los privilegios de usuario root. La vulnerabilidad se debe a la presencia de un par de claves SSH predeterminado que est\u00e1 presente en todos los dispositivos. Un atacante podr\u00eda explotar esta vulnerabilidad abriendo una conexi\u00f3n SSH v\u00eda IPv6 a un dispositivo objetivo utilizando los materiales clave extra\u00eddos. Un exploit podr\u00eda permitir al atacante acceder al sistema con los privilegios del usuario root. Esta vulnerabilidad s\u00f3lo es explotable sobre IPv6; IPv4 no es vulnerable."
}
],
"id": "CVE-2019-1804",
"lastModified": "2024-11-21T04:37:24.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-03T17:29:00.813",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-20 14:59
Modified
2024-11-21 02:34
Severity ?
Summary
Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40990 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1033611 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40990 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033611 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.1\(2\)i3\(4\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0750C504-3D45-4ED7-9A0A-A8EEEEE426ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560."
},
{
"lang": "es",
"value": "Vulnerabilidad en Cisco NX-OS 6.1(2)I3(4) y 7.0(3)I1(1) en dispositivos Nexus 9000 (N9K), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU o inestabilidad en el plano de control) o desencadenar reenv\u00edos de tr\u00e1fico involuntarios a trav\u00e9s de un paquete de Layer 2 con un n\u00famero VLAN reservado, tambi\u00e9n conocida como Bug ID CSCuw13560."
}
],
"id": "CVE-2015-6295",
"lastModified": "2024-11-21T02:34:43.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-20T14:59:03.850",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033611"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-02 09:15
Modified
2024-11-21 04:54
Severity ?
Summary
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 5.2\(1\)sk3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.1a\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.2\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.2b\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.1\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2a\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2b\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2c\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1a\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1b\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1c\) | |
| cisco | nx-os | 5.2\(1\)sm3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.2\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.3\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.4\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.4b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.5a\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.5b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.6\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.10\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.15\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.5\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.8\) | |
| cisco | nx-os | 5.2\(1\)sv3\(3.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(3.15\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1a\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.2\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.3\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.3\) | |
| cisco | nexus_1000v | - | |
| cisco | nexus_1000ve | - | |
| cisco | nx-os | 5.0\(3\)a1\(1\) | |
| cisco | nx-os | 5.0\(3\)a1\(2\) | |
| cisco | nx-os | 5.0\(3\)a1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1\) | |
| cisco | nx-os | 5.0\(3\)u1\(1a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1b\) | |
| cisco | nx-os | 5.0\(3\)u1\(1c\) | |
| cisco | nx-os | 5.0\(3\)u1\(1d\) | |
| cisco | nx-os | 5.0\(3\)u1\(2\) | |
| cisco | nx-os | 5.0\(3\)u1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(1\) | |
| cisco | nx-os | 5.0\(3\)u2\(2\) | |
| cisco | nx-os | 5.0\(3\)u2\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(2b\) | |
| cisco | nx-os | 5.0\(3\)u2\(2c\) | |
| cisco | nx-os | 5.0\(3\)u2\(2d\) | |
| cisco | nx-os | 5.0\(3\)u3\(1\) | |
| cisco | nx-os | 5.0\(3\)u3\(2\) | |
| cisco | nx-os | 5.0\(3\)u3\(2a\) | |
| cisco | nx-os | 5.0\(3\)u3\(2b\) | |
| cisco | nx-os | 5.0\(3\)u4\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1a\) | |
| cisco | nx-os | 5.0\(3\)u5\(1b\) | |
| cisco | nx-os | 5.0\(3\)u5\(1c\) | |
| cisco | nx-os | 5.0\(3\)u5\(1d\) | |
| cisco | nx-os | 5.0\(3\)u5\(1e\) | |
| cisco | nx-os | 5.0\(3\)u5\(1f\) | |
| cisco | nx-os | 5.0\(3\)u5\(1g\) | |
| cisco | nx-os | 5.0\(3\)u5\(1h\) | |
| cisco | nx-os | 5.0\(3\)u5\(1i\) | |
| cisco | nx-os | 5.0\(3\)u5\(1j\) | |
| cisco | nx-os | 6.0\(2\)a1\(1\) | |
| cisco | nx-os | 6.0\(2\)a1\(1a\) | |
| cisco | nx-os | 6.0\(2\)a1\(1b\) | |
| cisco | nx-os | 6.0\(2\)a1\(1c\) | |
| cisco | nx-os | 6.0\(2\)a1\(1d\) | |
| cisco | nx-os | 6.0\(2\)a1\(1e\) | |
| cisco | nx-os | 6.0\(2\)a1\(1f\) | |
| cisco | nx-os | 6.0\(2\)a1\(2d\) | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)u1\(1\) | |
| cisco | nx-os | 6.0\(2\)u1\(1a\) | |
| cisco | nx-os | 6.0\(2\)u1\(2\) | |
| cisco | nx-os | 6.0\(2\)u1\(3\) | |
| cisco | nx-os | 6.0\(2\)u1\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(4.92.4z\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nx-os | 7.0\(3\)i1\(1a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1b\) | |
| cisco | nx-os | 7.0\(3\)i1\(1z\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3172 | - | |
| cisco | nx-os | 5.2\(1\)n1\(1\) | |
| cisco | nx-os | 5.2\(1\)n1\(1a\) | |
| cisco | nx-os | 5.2\(1\)n1\(1b\) | |
| cisco | nx-os | 5.2\(1\)n1\(2\) | |
| cisco | nx-os | 5.2\(1\)n1\(2a\) | |
| cisco | nx-os | 5.2\(1\)n1\(3\) | |
| cisco | nx-os | 5.2\(1\)n1\(4\) | |
| cisco | nx-os | 5.2\(1\)n1\(5\) | |
| cisco | nx-os | 5.2\(1\)n1\(6\) | |
| cisco | nx-os | 5.2\(1\)n1\(7\) | |
| cisco | nx-os | 5.2\(1\)n1\(8\) | |
| cisco | nx-os | 5.2\(1\)n1\(8a\) | |
| cisco | nx-os | 5.2\(1\)n1\(8b\) | |
| cisco | nx-os | 5.2\(1\)n1\(9\) | |
| cisco | nx-os | 5.2\(1\)n1\(9a\) | |
| cisco | nx-os | 5.2\(1\)n1\(9b\) | |
| cisco | nx-os | 6.0\(2\)n1\(1\) | |
| cisco | nx-os | 6.0\(2\)n1\(1a\) | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 6.0\(2\)n2\(5a\) | |
| cisco | nx-os | 6.0\(2\)n2\(5b\) | |
| cisco | nx-os | 6.0\(2\)n2\(6\) | |
| cisco | nx-os | 6.0\(2\)n2\(7\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nexus_5010 | - | |
| cisco | nexus_5020 | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nx-os | 5.2\(1\) | |
| cisco | nx-os | 5.2\(3\) | |
| cisco | nx-os | 5.2\(3a\) | |
| cisco | nx-os | 5.2\(4\) | |
| cisco | nx-os | 5.2\(5\) | |
| cisco | nx-os | 5.2\(7\) | |
| cisco | nx-os | 5.2\(9\) | |
| cisco | nx-os | 5.2\(9a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6a\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\) | |
| cisco | nx-os | 6.2\(14a\) | |
| cisco | nx-os | 6.2\(14b\) | |
| cisco | nx-os | 6.2\(16\) | |
| cisco | nx-os | 6.2\(18\) | |
| cisco | nx-os | 6.2\(20\) | |
| cisco | nx-os | 6.2\(20a\) | |
| cisco | nx-os | 6.2\(22\) | |
| cisco | nx-os | 6.2\(24\) | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(1\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(6\)d1\(1\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 6.1\(2\)i1\(2\) | |
| cisco | nx-os | 6.1\(2\)i1\(3\) | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nx-os | 7.0\(3\)i1\(1a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1b\) | |
| cisco | nx-os | 7.0\(3\)i1\(1z\) | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | ucs_manager | 3.2\(3n\)a | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - | |
| digi | saros | * | |
| hp | x3220nr_firmware | * | |
| hp | x3220nr_firmware | - | |
| treck | tcp\/ip | * | |
| cisco | unified_computing_system | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(1.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8AE969C2-960D-4C09-BBCA-B757D925EB5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D85822F-209F-4FE3-8ED9-59EC33E71884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9180296D-7BF2-445E-92AB-002D50D8D87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0B7B63E-7B91-48BC-A0E7-5BDC1FCC02AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28765813-6283-43AF-9C0E-6884B305C158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3917B37-BA20-4B07-B003-B7E5F99C4A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BA9CEC37-A833-41D6-B3DA-9D17962D0989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3515BB86-5FD5-4203-B1AB-CCC8B784D091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F310196-08CD-4A81-BE5C-8B484A71CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B8663A9-7287-4A28-8278-124F437A2BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "36ECC59E-23AB-44F2-982E-8EC6901F6CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7ECE401-189C-4438-8B73-AED84EAEB2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AEF80603-493F-41D1-B8E1-C73617AD4992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B5E826B-AD7D-417E-87F4-C702BFB243A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(2.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4FC4D1AE-FC2D-4687-BE4A-04064CCDBBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95F0898B-06EC-426E-98A6-753FD1FA1250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48E47ECE-9070-4EC6-BEB2-B6C233419439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5264C81D-8FA2-4C83-A136-A5F2A298DB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "675E1BB5-E0B5-4123-819F-641DB1277EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.4b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EADE0C99-64F2-4294-A78B-782006C40F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A58D667-218D-42DA-A15F-4DA23762A71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A4265ACF-8EC4-4794-A31F-28CC6CBEBFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1868-1AEB-468C-8B96-A0E85A5B7064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17C275C2-9082-47EC-B525-9EAA427A083B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "072DA31B-F629-4A39-9149-03CC339C8D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C3D3F90-5552-45EA-97E6-D298D23A87A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0D58CF7B-FCEF-4A97-A9D3-631556FCE3D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "650B2C45-A7F4-4104-BF7A-7C4E18CFA225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(3.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F74EB97-3BC7-4CC5-A48F-57B0C4C0E108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(3.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE71BCEF-43A3-41C4-871B-E30DD7BFE3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE33B6DC-0339-4D13-8AEC-7A91A386D3AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6A89675-D360-4476-ADDE-FA3F0EBEC131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BFC48A4A-C4CC-4463-83D8-32192F3B7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "71AC07A2-0A94-4531-8733-C399EC926515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:vsphere:*:*",
"matchCriteriaId": "9414EB06-685B-449A-AAE0-70BF74B50F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "14F547DC-9941-49B8-9752-FC25D144022F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A9F0C0E2-17ED-4CCB-BAFA-CD957ACC8BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5266D0F6-9B69-43A9-BA66-C0A6C1293BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3\\):*:*:*:*:vsphere:*:*",
"matchCriteriaId": "DB787D8A-1E09-450B-A7EC-8F2C3B7A0383",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E705638-8D0A-40D6-9A51-4FDB6C03F71E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "882D7344-E38B-4F44-8CDE-1CCA827F28BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "65CDC91A-BFED-47C3-8B2E-4BEB99F73555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A58651D4-1292-445F-985F-945E2B881AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "169B0759-C366-4633-99E0-0FCF8CBBB002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "92BDA5ED-E9AF-4D9C-9D13-BADFC515670C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F358E8D0-624B-412A-8726-B8AF96156317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B178F96C-78D0-466E-B201-FE5371F4610E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17A4CE07-64FF-4C5C-81FF-A2388818CF7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AFDC9595-39D4-4BF8-AF18-D27A500C9007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7241BFDB-6386-4CBE-ACFB-4599EDE9CB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AF7CE90-9433-4E1D-A2AD-0B8854521CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "171160E9-F6B8-4C8A-B086-431E3E2A27BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9CAFAE6E-8B64-4A1F-A7E4-2D4BDFB7D5B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "91C35886-CB9B-4477-9AB3-9F1C9E45E757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F393BE8-8CC4-4302-829F-2C4F97BAC14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE855B3E-B2B8-4EBA-8303-55F6A5A77E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "641D651A-B85B-4E9E-BE92-35AFAE8A63A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7810F6FD-F58F-4121-9D30-8C5E3E163EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09C38DCD-2A5F-4095-ABA4-02E95D93C358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "103A4C19-0E91-45FC-9AA2-F40215FCF63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F61C03B-D7AB-468A-B092-158730FB3E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F883AA8-CC44-4440-AB30-D7AC29C242F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7390B4D2-2121-4311-A798-337E8B777A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "924C6663-9EA0-4124-ACC6-0AFC649AEA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C559C83-FB34-4B1A-A6B3-1834D6CD022C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F422D53-4FF4-43FB-8F62-D53393A8C038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7CFFFE88-17EA-4515-BF71-C0AB82957B21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EF14E5C-B776-4A04-A5CC-853CFF2816B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E681A-F354-4093-84A9-5A357EAB1559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B627C66-CFE1-40B9-8264-392BB091EA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "512B7DAC-3929-4063-9AA4-0C6B1E3047A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1j\\):-:*:*:*:*:*:*",
"matchCriteriaId": "E51725F9-753E-4D03-B132-38EB0A00BC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA76DC9B-8325-4BF6-B729-FA781E88E7AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26BC5100-7F5D-4603-A313-00767C6DA96F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2EA595C-6A01-4D8D-9CB9-F280D540D3FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "882CE57A-B06D-4E93-A181-B74017ABBCC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "60848441-E3E5-47E8-809B-0B226658425E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A196373-F643-4D7E-8DC7-8FFD60660B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "090903C2-4B6A-4DE5-9AD6-76A412E81A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7AF52EFA-7DE0-4669-ABA9-596D7D9A23AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF658ED7-F77C-405B-B06A-74B46FBDAD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7295EC54-FA19-4658-8510-3C072804D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B31E39D5-147B-4965-ACB6-34F1244143F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D672928-6AE8-488B-A2A5-257074BAB2D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E64D8992-CA79-4ADF-BF3B-A76E944EC740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11A35378-54EB-422F-B0DD-211B214803D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E46D326-665C-4DB7-89A0-0F1B987D4A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5BFA21F2-E2B2-49B6-9956-D6219D499F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52899164-992D-4736-B460-FDFB825DB7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8766DA4C-A25C-48D4-A6FC-2357200A9215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6C48105-F73E-40C9-8CD9-B46C5319FB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94F5B47A-023B-4415-8DB9-6829C5E72901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA600413-FC70-4776-99DF-180C96D4FD24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ECC9066F-3082-48A0-BA52-9ED9420EA47A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4.92.4z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF23DA92-A5C0-488B-806E-8549190A08B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "78611E25-E33E-4C88-A681-97B5A2A01B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "780B04ED-412E-441F-8717-D8F9257F5699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD2AABBD-8680-4615-A4E2-B607CB1B0979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "693F444B-FA34-489C-BB45-E9185DE47816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13669043-3F12-4439-812F-6DE35F70B159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58A8BDE0-2F73-4E0C-B73A-918DB3352067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "625BE6B1-12A7-4A8A-A816-E82C026E0457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC2920-462B-44F0-8E93-7875C2F74592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35957A41-D8F2-4BC1-986B-C3E271327D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10BFAE68-01C5-4EF8-8B86-F470092E9034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D02FC11-EB21-45CD-A070-89C4862240BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C67AE59-380A-402B-9B2A-F595E001637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4301927C-7A6D-4DA9-9470-9182E7FB234A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C71ED401-6786-4AAE-A98F-BE4732256A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ED50316-7044-4757-9C51-5543BA5693A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69B757AE-83C8-4194-9BAE-DBECA2021597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30AE9092-DCF1-472F-B26D-E5BAA8DF25DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C775E53-781D-4426-A59B-DB65D697A844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "619DEAAE-3356-4079-8CC8-F477FCA18199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3DFE4CA5-42CC-4D81-B044-2D4EDFA37AA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757A0C8E-4817-41DD-A609-2B61C36DBBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AECFED5-8D06-4396-BDD2-AAA0F5241839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "772A297E-E323-4D2D-9129-6C4FC63643DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "149ABB41-A8FF-4A8F-888E-F27BDAAE9C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6918EB91-679A-4F47-BB9E-3A22287F14FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A0464AAE-73CF-4B24-A5CE-5C1131909CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68376361-C835-4552-8490-553C9A082615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "270620E3-92B7-4914-88C7-9D955B2B856E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8E48600-FD20-4743-A3E8-AD5297164551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A10C1B6-616E-4F94-8889-9C99906326D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01A091A5-2848-4901-B193-1EC9DD8A52E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "380FEA27-D68C-48DA-B2B9-4A3B3A71B059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3EAF9D9A-BFA7-43B2-BCF5-D4AE884AFB44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31224B4A-CE5F-4B6E-8BAD-DF5BAA7EEB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B64B9F42-0779-439F-ABF9-4183B9A10D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "704B6AA4-D001-45B6-9E84-10F7E70CD9DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C871A419-B769-46B2-956E-467BBE94F290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AB525D6-6E1B-4806-A981-F0FEA87E516B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EACF481-3E4B-4580-8AE7-3D49790E0715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5010EDAE-67BB-4E23-B0F5-10096A7DAB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84CF5114-731F-4BF4-83E0-9B095C34541C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4750621F-E7C5-4E6A-BC5F-232E75A454E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08F35A63-9343-47D6-AB91-37AB148137E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CADBDD1D-DA17-40EE-8B23-81E9991387DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A623F8E1-B97B-41DD-947F-7E1B65DD6902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F3D9588-D98A-45FC-8344-58C55F35610E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "90C2E584-4BA6-48E7-8C56-A7F7D9BABC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A190D0A-B758-49BA-9830-9870F699DA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF5613C4-6D05-4CF3-931F-F685150494DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58292522-F486-410D-AD99-DFD6EC0AA9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A462729A-720F-4180-96DD-713A70CEF494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A07ACF87-C694-41DB-B4BD-23CE72E32EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "832DE1DB-0D1C-4C24-8E2D-D182205C94B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0FBFB9B-703D-42F8-93BA-969AB7284106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C95519E-7536-4EF7-8222-D4089500F826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71F56568-57E6-4C1C-AC8A-D96E097E449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F631EAC6-1D33-485E-9E00-8572FA015C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "25CEAE9E-DD9B-41E2-BC39-3332F428B489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE199525-4C2D-48C2-A76C-BD14BF2851F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E3644F66-F964-4D50-A6E0-EE8784490BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72AD166D-7CBF-4A4D-A376-907DDA1BB504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C801D4A-E604-49CA-8D14-13622E85C563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC78BEB7-47D1-4544-BC40-AB5D73B93D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEB91EC-E548-4C53-920F-C4871BC464B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0282F963-2C1F-44F7-A0D0-4929685051AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1F519D0-64BC-4862-8894-4F6C248253C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94A247A8-E918-4757-9ADE-251B027CD307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "195CD630-4949-4B52-B9FF-94F3DEFB47AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "225E5070-B635-4752-B771-0E721C96C2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9103A92E-C9F3-401B-AE30-66466210ADED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9E5CD729-234E-43C0-A6A3-A3E0983A6605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A30E576-56F8-4EBA-AADE-C70655DE6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74415A0A-A3F4-43BB-B609-B6641771D655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B5ED7424-EB12-4C21-97C8-082156716C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16359104-2DB6-41D6-97A8-8CA1C3AB5688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94AA886F-7BD1-4699-B1D3-E495EFCA2812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569B3CE7-CA06-4636-8043-7ED7635195A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "41A683FE-68AF-43E4-B846-2E82ACDD5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C8B149C-D842-496A-BE21-41920F95139C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D72F0B8-D229-4995-A053-62FA6591DCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8025943-EA09-47E6-9109-7DAF078F8F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A727000-44CC-461C-A7D6-0B9A99CB974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "105B6601-D756-4B76-9554-5B6E027A5E8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B1340D1-8EE8-484F-979A-AB9E34D35EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF1257BF-D534-4899-937F-DCBD033A7D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86E5CF27-5661-41DF-B339-740718760AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0D110-D8D7-4D50-A599-618A5120EDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "586E9024-C983-4CFF-9A3F-A39256E09910",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "1D901758-5416-422A-A745-89EF53C5ADF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BB17004B-E1FE-4BE6-89A3-43AC2D967000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C628947-4A0E-4904-A6F7-745C3370A8F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "356B4143-5184-491B-9D10-19D6536366CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C038896F-6DBC-4695-9DBE-A60F6C39AFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F2453F2-704F-48F7-8009-991BE0B49251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E00B4AC8-1D27-4394-AF28-10785AEFC073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(9a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7AA95379-A172-4262-8B34-A912E47BFB2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2FDE8EF9-47CF-451D-9570-3D369D74D44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "55A760CE-5E63-4A6B-8DA3-A473BC3900E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E738E86-B75F-48BF-9E76-C7DD470F3688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11E66F3E-9482-4F30-8480-F036F3C68B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68C6090F-0B05-46F0-8A67-928FE1C36D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FBD345BD-83EF-4913-A0F3-74E52AD76BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46B2B97B-DDB7-4208-BF1A-D10C8A075A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED7B1216-4C4F-4A23-9474-23876649ABF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57892CBB-8C95-4E56-90F8-B77BBBDC03FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A555382D-9D35-4931-B3B0-DD4D956AB7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "65CCE422-71DB-4500-AC91-9FB4DD5924A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C37B944B-CFB6-41F6-B4ED-049BEB3732E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "985752BE-AC65-47BC-97F5-36C2E44E55D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6A61F7E-9929-48F5-85BA-72E744AF30B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA24A851-F051-41A8-A33E-7296AD199306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52E6911E-3DD8-4FCC-A1B5-613098B25337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6BF973CD-3315-4D86-8F89-05DC97C736AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C18A0045-87F3-4782-81C5-0BF615EA9346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2768DEF1-3DFA-4683-9D8D-C5915D8E7365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CD05045-E867-4B7E-ACE4-7B6EA69971AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF9B10D1-29C0-4B16-813A-B535C4C64E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84551391-3A13-42EC-855F-FBB3453F65D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FADC755B-3AB3-43D6-8495-1FABCBD548E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "42D84BD8-D76B-422E-9E46-4A667A981FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03607526-7F9E-43F5-94ED-3ED0B4D29DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98FC292D-27D3-40CF-98C5-AF47686FC134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C23B353-3500-4FA4-90CE-624A29B1048F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29002523-6405-4198-A5E5-630A4B661767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF0DFA7E-9B40-4E82-9EB9-886C79B2D61C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CD1CA5A5-703E-46B1-A4C8-EF8FAD58049E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48889960-437F-4848-9D91-DF8BAA118C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BB0F49B-85C0-4C52-82E0-C2683D43B553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "384B7337-1C2F-479E-BB2B-F31320D82EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ED50316-7044-4757-9C51-5543BA5693A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1CB11917-C606-4025-A91A-596F7D47A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69B757AE-83C8-4194-9BAE-DBECA2021597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30AE9092-DCF1-472F-B26D-E5BAA8DF25DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C775E53-781D-4426-A59B-DB65D697A844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "619DEAAE-3356-4079-8CC8-F477FCA18199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3DFE4CA5-42CC-4D81-B044-2D4EDFA37AA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:3.2\\(3n\\)a:*:*:*:*:*:*:*",
"matchCriteriaId": "13FF5911-F491-4741-8602-31CB00884520",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:digi:saros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C98B5C59-8AF6-448B-AB76-BB3FAA7D4DD6",
"versionEndExcluding": "8.1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:x3220nr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A230831D-5238-49D4-9137-AB51BA84FEE5",
"versionEndExcluding": "3.00.11.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:x3220nr_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "778ED36E-19A5-4BB7-A0C2-D7695DCC84C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:treck:tcp\\/ip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "197CE9E4-02C7-4C1F-87D2-DFD6FF636DF2",
"versionEndExcluding": "6.0.1.67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B944AB06-2598-431A-B6A6-0C108EBDCD5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing."
},
{
"lang": "es",
"value": "M\u00faltiples productos que implementan la IP Encapsulation dentro del est\u00e1ndar IP (RFC 2003, STD 1) desencapsulan y enrutan el tr\u00e1fico IP-in-IP sin ninguna comprobaci\u00f3n, lo que podr\u00eda permitir a un atacante remoto no autenticado enrutar tr\u00e1fico arbitrario por medio de una interfaz de red expuesta y conllevar a una falsificaci\u00f3n, omisi\u00f3n de control de acceso y otros comportamientos inesperados de la red."
}
],
"id": "CVE-2020-10136",
"lastModified": "2024-11-21T04:54:53.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-02T09:15:09.967",
"references": [
{
"source": "cret@cert.org",
"url": "https://datatracker.ietf.org/doc/html/rfc6169"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://kb.cert.org/vuls/id/636397/"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.digi.com/resources/security"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/636397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://datatracker.ietf.org/doc/html/rfc6169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://kb.cert.org/vuls/id/636397/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.digi.com/resources/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/636397"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:44
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(3.108\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1300F966-42F4-4F29-86C6-A11038B17D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(3.117\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6A2FFB0-D207-4682-AF8E-EE65812FE889",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C1BC928-7DB9-499A-8CF4-90C98218E9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A2F42DB-B22B-4880-BA73-D0E0295190DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D1718-F6B6-4AF6-86EE-0DFF5C6F5AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)n1\\(0.823\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2C25D897-0A4D-4FE8-864A-668CDC229CE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9A844-F4E9-4EBD-A704-CE55BCC7A636",
"versionEndExcluding": "4.0\\(4i\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3721CBFD-3C90-4454-ACB0-57658D848DAE",
"versionEndExcluding": "4.1\\(2c\\)",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:r231:*:*:*:*:*:*:*",
"matchCriteriaId": "EC52EFF8-C5A8-4530-B3F5-03BCC023D6AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) del Software Cisco FXOS y el Software Cisco NX-OS, podr\u00eda permitir a un atacante adyacente no autenticado ejecutar c\u00f3digo arbitrario con privilegios administrativos o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes de protocolo Cisco UDLD dise\u00f1ados a un dispositivo afectado directamente conectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios administrativos o hacer que el proceso de UDLD de Cisco se bloquee y se reinicie varias veces, causando que el dispositivo afectado se recargue y resulte en una condici\u00f3n de DoS.\u0026#xa0;Nota: La funci\u00f3n UDLD est\u00e1 deshabilitada por defecto y las condiciones para explotar esta vulnerabilidad son estrictas.\u0026#xa0;El atacante necesita el control total de un dispositivo conectado directamente.\u0026#xa0;Ese dispositivo debe estar conectado a trav\u00e9s de un canal de puerto que tenga UDLD habilitado.\u0026#xa0;Para activar la ejecuci\u00f3n de c\u00f3digo arbitraria, deben existir tanto el canal de puerto habilitado para UDLD como las condiciones espec\u00edficas del sistema.\u0026#xa0;En ausencia del canal de puerto habilitado para UDLD o de las condiciones del sistema, los intentos de explotar esta vulnerabilidad resultar\u00e1n en una condici\u00f3n de DoS.\u0026#xa0;Es posible, pero muy poco probable, que un atacante pueda controlar las condiciones necesarias para la explotaci\u00f3n.\u0026#xa0;La puntuaci\u00f3n CVSS refleja esta posibilidad.\u0026#xa0;Sin embargo, dada la complejidad de la explotaci\u00f3n, Cisco ha asignado una calificaci\u00f3n de impacto de seguridad media (SIR) a esta vulnerabilidad"
}
],
"id": "CVE-2021-1368",
"lastModified": "2024-11-21T05:44:11.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T20:15:13.473",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5FF890-017A-4F2B-9253-8149FA484066",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "991285C8-2BD5-4C84-8DA0-4C500B519267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF918D59-4D57-4C18-9FF5-AE6636F24484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE20F28F-3C41-4B4B-9D31-AF0F68A0C2A2",
"versionEndExcluding": "7.3.2d1",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E38EA6-AA09-479B-9613-0AC4791693CC",
"versionEndExcluding": "8.1.2",
"versionStartIncluding": "8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF1AF20-C6CE-4956-8129-FA68E3B03E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B36B056-C068-4413-B648-1D1D6026B823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
"versionEndExcluding": "7.0\\(3\\)i3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
"versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
"versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE20F28F-3C41-4B4B-9D31-AF0F68A0C2A2",
"versionEndExcluding": "7.3.2d1",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A9E3F8F-1AE7-4E49-9E84-A98E960ADD54",
"versionEndExcluding": "8.1\\(1a\\)",
"versionStartIncluding": "8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "258F95C6-34C6-489D-95E0-5E90DAA518CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF1AF20-C6CE-4956-8129-FA68E3B03E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la API de gesti\u00f3n de NX-API en dispositivos que ejecutan, o se basan en, el software Cisco NX-OS podr\u00eda permitir que un atacante remoto autenticado ejecute comandos con privilegios elevados. La vulnerabilidad se debe a un error a la hora de validar correctamente ciertos par\u00e1metros incluidos en una petici\u00f3n NX-API. Un atacante que pueda autenticarse con \u00e9xito en NX-API podr\u00eda enviar una petici\u00f3n dise\u00f1ada para omitir la asignaci\u00f3n de roles de NX-OS. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante ejecute comandos con privilegios elevados. Esta vulnerabilidad afecta a los siguientes productos si est\u00e1n configurados para emplear la caracter\u00edstica NX-API: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches y Nexus 9000 Series Switches en modo NX-OS independiente. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911."
}
],
"id": "CVE-2018-0330",
"lastModified": "2024-11-21T03:37:59.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T21:29:00.767",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-05 20:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA431796-203A-47FF-8D7B-BE0F032EEF85",
"versionEndExcluding": "2.2.2.91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33D894C8-5C56-4CE9-8A82-248EBB36797A",
"versionEndExcluding": "2.3.1.111",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF89AAA7-02D6-486A-9AF6-8977E756115D",
"versionEndExcluding": "2.4.1.101",
"versionStartIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA65618C-F766-469C-804C-391DFEE67589",
"versionEndExcluding": "6.2\\(7\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1392CDF-115C-431A-AF9B-8414F9307163",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FAAA03-9B96-4F4A-A17C-50709FF8A6B1",
"versionEndExcluding": "6.0\\(2\\)a4\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1392CDF-115C-431A-AF9B-8414F9307163",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C2141E-5E85-48FF-A943-3738E1BCB66B",
"versionEndExcluding": "7.1\\(4\\)n1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B317F641-A9CA-4658-8AB2-6CB4D1EDF159",
"versionEndExcluding": "7.3\\(0\\)n1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1730252C-B173-471C-A54A-B1A135CE5D6E",
"versionEndExcluding": "6.2\\(6\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB",
"versionEndExcluding": "4.0\\(1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de un comando de diagn\u00f3stico de la CLI en el software Cisco FXOS y el software Cisco NX-OS, podr\u00eda permitir a un atacante local autenticado visualizar archivos confidenciales del sistema que deber\u00edan estar restringidos. El atacante podr\u00eda usar esta informaci\u00f3n para realizar ataques de reconocimiento adicionales. La vulnerabilidad es debido a la comprobaci\u00f3n incompleta del control de acceso basado en roles (RBAC). Un atacante podr\u00eda explotar esta vulnerabilidad mediante la autenticaci\u00f3n en el dispositivo y emitiendo un comando de diagn\u00f3stico de la CLI espec\u00edfico con par\u00e1metros de entrada de usuario especialmente dise\u00f1ados. Una explotaci\u00f3n podr\u00eda permitir al atacante realizar una lectura arbitraria de un archivo en el dispositivo, y el archivo puede contener informaci\u00f3n confidencial. El atacante necesita credenciales de dispositivo v\u00e1lidas para explotar esta vulnerabilidad."
}
],
"id": "CVE-2019-1734",
"lastModified": "2024-11-21T04:37:12.463",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-05T20:15:11.297",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-25 19:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3016_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C91269-1657-4181-9B95-BDF85BFFFCD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3016q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45BEF0CC-1944-43DD-8781-64DF63664412",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3048_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF530AE3-F80B-40EC-9259-4771EEAD431D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E6A0BD-102F-40C6-BD9A-1986D6F58212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064-32t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDB2DB1-43FD-4A3E-B193-56537FCFFDF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064-t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7A2723-6526-430C-BD39-9E32B1F37DBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "312E9E2F-A981-4E6B-A06A-CB92514412D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81213C5C-B1B4-4C6E-9792-99241C7C5034",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3064x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB895948-43AC-4406-B047-158135786440",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35A21858-D261-4662-83D9-3D4E982E009A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C86065-AAE1-4DF6-8147-E77FEF42E9EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100-z_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E62F1F-A7AD-4C42-8E6F-A7FA13E89DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3100v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A368E506-10CB-4856-8D91-E6C5FD5E29A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108pc-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D71782-16F9-41C9-BC10-BC514FD26129",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108pv-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59CA1EFB-BE3D-4428-B8AF-24C19348DF7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31108tc-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E769CD-8F81-40AE-A071-84FAF92AF5C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_31128pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB914738-4557-4EC3-8A18-810862877C72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132c-z_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7A4072-9F8B-4374-9F8A-B660220765FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "092FC6ED-9F53-41FF-9E0F-997D84B6DE3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A288C8F3-AD77-46CC-BAD2-D8FC186D6CC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCF14F6-D286-419C-8C7C-7058C4A7B9C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-x\\/3132q-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "555D7772-B0BE-47F9-849E-16D777E66DBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3132q-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C735F2C0-DC4D-45DE-8BA9-439BAE5CFD67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3164q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7187F85E-FEBE-4D55-AC48-E92F05734169",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEA0B58-FE79-4A33-B812-51CDE327A235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9439556B-B1CE-4B6E-8DD3-958BA0ABEA43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172pq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8030D5E-1BF4-485C-AFB7-B8DB48E0B91A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172pq\\/pq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F6DCCDB-436F-4406-9EC0-AE9A8DC9CF38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FB3414-3C5F-4827-B4F2-CF30EC31E0C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq-32t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45B4711C-322E-4B7B-8810-04BA8249B8BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3172tq-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE63209-E1F9-4933-8729-E350ADE42793",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA9CF53-57DB-49EA-9A51-782D1D73D37F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3232c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C6AB3-480D-46F6-BE72-0B0010EC34CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3232c__firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC111A6B-0910-4DC7-8270-A00CE508F1A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3264c-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9329DC07-0B6F-467C-AAA0-527D97E956B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3264q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C944B9-9492-45AA-9A4E-9CD6C996AF4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9467B09-285D-453A-808C-0993160F7356",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3408-s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC2930-4A1A-4916-912F-953440AA009A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_34180yc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2125C9A-7524-408C-B92E-91162FD4D72F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_34200yc-sm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87F885B6-7049-4152-B74C-6444137B4662",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3432d-s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B24EC0B3-E3FC-4908-AC7E-2E3DE073DC06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3464c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FFFDC6-BE3D-4E2D-B6F2-FD191DE4F9B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC074154-7F54-4058-8CDD-82E8B148B8C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3500_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "692D752E-7878-483F-B0B5-DB7DCF44D973",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E8456-A9BD-447B-8F33-4BEB052A82D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "502C8ADB-7EF2-4AC5-ACF0-AEA1ADA7A6BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5FBF-F5DF-4788-8683-E328D86E8733",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-x\\/xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23AE531C-FA97-4480-A29D-FBDA6C131031",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3524-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "186CB256-39AE-4D5A-B3FB-891A17785176",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0DAE9A-F2D3-49C3-8488-A3A03C1CEB57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "029F0A5A-43E4-4F3A-98A3-81E924CBE700",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-x\\/xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B024FA69-6816-4AE2-B440-00BE32813545",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3548-xl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD53F341-AE7D-4E45-9746-DAC32FE9F570",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70126072-6855-4990-A408-E7A6076EBD33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_36180yc-r_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F849DEA-05C9-4562-AF6D-620AB5808718",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_3636c-r_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E7A07D-DB48-414B-8615-9A76EB357A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC4B11E-2382-49AF-8756-AE8EFAB1FAA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5548p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A80F37-C04C-43A5-AC12-E15BAB8545F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5548up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "725A7AC7-8B75-47BC-8D99-701250E0ABE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5596t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E8B8C6-29B2-402E-A722-1E95C01E14AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5596up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A39FB96C-94E1-4686-82A7-E0A6D88A5A08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D031A5-1191-447F-8739-B86C2DA1C0C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_56128p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E154FCCB-A379-4384-8B72-7D373BFEEFE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5624q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2326C6-C523-4BE2-B577-D64091AB92CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5648q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060E7CD9-E906-437A-87B6-3AE0551E1DCB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5672up_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAC471F-41AF-43A7-8661-DFA140DEC066",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5672up-16g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF92DBB-1618-4C8F-8DDE-594A39C007CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_5696q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA530485-D6C8-4D5A-87A2-547DA8E74722",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "946780A2-0E50-4E39-BCBB-C6D853670244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6001_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E00C558-9656-451C-A179-17B1762666C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6001p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "471630B8-F703-4D50-9919-310A1CE062A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6001t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D57620-24E6-464A-8EFA-1E0758698E9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6004_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A738F9-41CD-4A6A-8975-4C434FBCF55D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_6004x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "039B626B-5120-4592-84C3-CF094A661635",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD95BE95-244C-4CCE-90B7-5CB44B88D1D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_10-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432F828F-1F41-4C7A-B1B2-ADDCC1F0EE5A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_18-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06B2FD68-C1DB-4AC6-B255-417C5D14D18B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_4-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "743ECD7B-DE3B-436C-BE6C-D5280719D970",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_9-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBBB6BF-92A3-48CB-A57C-7476C0355175",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_supervisor_1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F20D2F7-19CD-4F7E-ACCA-DB4BBF8A9ED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_supervisor_2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "438A401D-A22B-45F7-B5A7-696DD40BF1E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7000_supervisor_2e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1EF3FB-F7C2-46AB-BFA9-B2AD7AF05150",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7004_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "722715EA-FE17-4CDA-9ABB-DD53015E0DCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36145717-6348-466D-87B4-B1A19F17BA55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7009_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E88279AE-8C3D-47B3-A1CC-4B3265F28997",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25FC52B8-44F8-464B-A502-41242DE8EEC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBDCF9-562C-44BA-B709-F91346F6F99F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7018_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "378B32F9-974B-40C3-8F89-6FB9DA73D3A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276BD181-125C-48EC-984C-29BAE20C21F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2F075D-5073-4C45-B7DE-06D97B6E8C0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_10-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317A834E-D1A8-47E0-ACEA-FA85984F8753",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_18-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76CCA110-974F-419A-A716-E90B9DB5375E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_2-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "148FAB7B-164C-458D-B287-61FC73C53D25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_6-slot_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7EDE35C-3B05-4359-9336-915567A867EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_supervisor_2e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2676CBA2-54D6-4939-B9CF-7A7A29436925",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7700_supervisor_3e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CA3171-77E1-420C-8C03-814600BA41EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC66BB4-40F0-4C7E-8147-63AF441023F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596B885-5312-489B-BBDB-A5374E525DE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7706_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60DDBBA7-B278-46DE-B6C3-5E7E3A5517FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EC10DA-FE01-4BA3-B49F-B164F697D4BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7710_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D45FA0-A8AA-4C50-A215-E65B3DDEDA0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1655CC-9BD5-4BD5-B113-776E4335D556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_7718_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06AF62DC-37B5-49CC-ADAE-4348357BB0D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA6F9ED-50A1-4D61-BC83-438585646856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CE431C-3C51-4AC9-8B40-8BF6F2EFBDE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9000v_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A719D3FD-19A6-4A1C-B915-D5E902176D4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290D9158-425B-479D-BAEE-90BCA8100FA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92160yc-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "839495E7-BE14-420C-87E7-7D76AC5B7E0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9221c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AEFE5C-3AFF-4D55-B707-27F3EF838D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92300yc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88AEE992-AB83-45FD-8FD6-F5B54BEA1743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92304qc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1DEB33-42FE-496F-9141-D59D3EDE34C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_92348gc-x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB3CCD1-EA00-490C-A530-D9E006CF432C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9236c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "782B50FA-AA05-46B6-8D53-7FDCD155A6C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9272q_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "232AF611-9C43-471D-AF20-29D7CAC58B45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B963958-6529-439A-9E2C-85E48D7134C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A72454E-9962-46B1-A627-768D286E5E02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-ex-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26634D87-906D-46B7-B0C3-F022BE9391E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-fx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14A54BF7-F77C-48A9-B1E8-8DA907A6A414",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-fx-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19C35D2A-5F7F-463E-84EB-337BCD0BC0C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93108tc-fx3p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "790F2D92-3BA4-48AB-B36C-90D2759926E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93120tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0F72D8-7DC7-4D67-A67D-E25F5ADFC619",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93128_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A66237F-B283-4E87-86D2-23B100601954",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93128tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D895676C-9DF9-4583-8292-A9531FBB5FC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9316d-gx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD00C69-57B1-4A28-B956-2088904A2403",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180lc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F838539C-292F-4906-9965-4B1ED3B40B91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180tc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A820E7C-7562-4046-8FDE-42678A00C1A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-ex_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCD23BF-8FF6-4CE7-AC49-2349DFF6E7F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-ex-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E83C34-42D1-49E6-9792-4D7E97417CCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D49D49-653A-418D-9D9D-F264F10BDC36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CEB67A-684A-4E38-9101-3BEA6249FFED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAAD9E8-EC29-47F8-AE0C-86F701BFF64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93180yc-fx3s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F379A314-72EB-462A-BEBF-57DC6689A558",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93216tc-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "216DA114-11E1-46C7-9211-2E171B979804",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93240yc-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6DA1CE4-69EA-4B8E-A386-C668D485B65F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9332c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "002E1E29-AB68-4E5E-ACD5-B78D7D0A00D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9332pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CB453B-FDC3-4342-ABEF-9D6A61E531AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93360yc-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21499B21-5A9B-4B78-9514-27E875762DBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9336c-fx2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B701355-8844-4E94-B03E-1C6E66907335",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9336c-fx2-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA33865-A0F7-4D41-B5B4-3F763B64D424",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9336pq_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B387062F-0985-4AB8-A878-D9C84EAB7C3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9348gc-fxp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5486749C-C909-4262-A571-C012C3162BB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_93600cd-gx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3B3728-6163-4BCE-AAF8-A748ABA21BB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9364c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4B08F5-0936-4971-9F63-AC2C34865EBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9364c-gx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D871E7B4-01EC-404A-B288-2D1A76D87AAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372px_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8202EFA2-A476-4D52-8380-7EB198765B61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372px-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848ADE0D-EECA-4D66-86C6-62CB6C04777C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45BE3F53-E4CA-44E4-88CD-B85A4D382A24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9372tx-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0C3F0B-85DB-43B0-9409-167206EA7A34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9396px_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62EA73A0-064D-40E9-AE36-65BBF2F3B04B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9396tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D005D375-ADC8-43C3-9200-35C1D7E2E508",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "164ECF1A-AA4A-48B8-A07F-0CC886932647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9500r_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F742F199-6C15-4A92-99F4-BCCABA1992BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9504_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "627C0AB6-BCF4-473B-B373-CD4B52F08CE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9508_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5986821B-B90F-4F4E-B8A8-51BD789DDF5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nexus_9516_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00A589A2-3162-4938-8BFA-A86463F3E664",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad OSPF versi\u00f3n 3 (OSPFv3) del software Cisco NX-OS podr\u00eda permitir a un atacante remoto no autenticado provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobaci\u00f3n incompleta de la entrada de paquetes OSPFv3 espec\u00edficos. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un anuncio de estado de enlace (LSA) OSPFv3 malicioso a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante hacer que el proceso OSPFv3 sea bloqueado y reiniciado varias veces, haciendo al dispositivo afectado recargarse y resultando en una condici\u00f3n de DoS. Nota: La funci\u00f3n OSPFv3 est\u00e1 deshabilitada por defecto. Para explotar esta vulnerabilidad, un atacante debe ser capaz de establecer un estado de vecino OSPFv3 completo con un dispositivo afectado. Para obtener m\u00e1s informaci\u00f3n sobre las condiciones de explotaci\u00f3n, consulte la secci\u00f3n Detalles de este aviso."
}
],
"id": "CVE-2022-20823",
"lastModified": "2024-11-21T06:43:37.493",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T19:15:08.147",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-126"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108362 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108362 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa Cisco NX-OS podr\u00eda permitir a un atacante local autentificado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con el nivel de privilegio de la ra\u00edz. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a un comando CLI espec\u00edfico en el dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios elevados. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1778",
"lastModified": "2024-11-21T04:37:21.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.243",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108362"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-06 10:59
Modified
2024-11-21 02:23
Severity ?
Summary
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 4.1.\(2\) | |
| cisco | nx-os | 4.1.\(3\) | |
| cisco | nx-os | 4.1.\(4\) | |
| cisco | nx-os | 4.1.\(5\) | |
| cisco | nx-os | 4.2\(3\) | |
| cisco | nx-os | 4.2\(4\) | |
| cisco | nx-os | 4.2\(6\) | |
| cisco | nx-os | 4.2\(8\) | |
| cisco | nx-os | 4.2.\(2a\) | |
| cisco | nx-os | 5.0\(2a\) | |
| cisco | nx-os | 5.0\(3\) | |
| cisco | nx-os | 5.0\(5\) | |
| cisco | nx-os | 5.1\(1\) | |
| cisco | nx-os | 5.1\(1a\) | |
| cisco | nx-os | 5.1\(3\) | |
| cisco | nx-os | 5.1\(4\) | |
| cisco | nx-os | 5.1\(5\) | |
| cisco | nx-os | 5.1\(6\) | |
| cisco | nx-os | 5.2\(1\) | |
| cisco | nx-os | 5.2\(3a\) | |
| cisco | nx-os | 5.2\(4\) | |
| cisco | nx-os | 5.2\(5\) | |
| cisco | nx-os | 5.2\(7\) | |
| cisco | nx-os | 5.2\(9\) | |
| cisco | nx-os | 6.0\(1\) | |
| cisco | nx-os | 6.0\(2\) | |
| cisco | nx-os | 6.0\(3\) | |
| cisco | nx-os | 6.0\(4\) | |
| cisco | nx-os | 6.1\(1\) | |
| cisco | nx-os | 6.1\(2\) | |
| cisco | nx-os | 6.1\(3\) | |
| cisco | nx-os | 6.1\(4\) | |
| cisco | nx-os | 6.1\(4a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | base | |
| cisco | nexus_7000_10-slot | - | |
| cisco | nexus_7000_18-slot | - | |
| cisco | nexus_7000_4-slot | - | |
| cisco | nexus_7000_9-slot | - | |
| cisco | nexus_7700_10-slot | - | |
| cisco | nexus_7700_18-slot | - | |
| cisco | nexus_7700_2-slot | - | |
| cisco | nexus_7700_6-slot | - | |
| cisco | nx-os | 4.1\(2\)e1\(1\) | |
| cisco | nx-os | 4.1\(2\)e1\(1b\) | |
| cisco | nx-os | 4.1\(2\)e1\(1d\) | |
| cisco | nx-os | 4.1\(2\)e1\(1e\) | |
| cisco | nx-os | 4.1\(2\)e1\(1f\) | |
| cisco | nx-os | 4.1\(2\)e1\(1g\) | |
| cisco | nx-os | 4.1\(2\)e1\(1h\) | |
| cisco | nx-os | 4.1\(2\)e1\(1i\) | |
| cisco | nx-os | 4.1\(2\)e1\(1j\) | |
| cisco | nx-os | base | |
| cisco | nexus_4001i | - | |
| cisco | nx-os | 4.0\(0\)n1\(1a\) | |
| cisco | nx-os | 4.0\(0\)n1\(2\) | |
| cisco | nx-os | 4.0\(0\)n1\(2a\) | |
| cisco | nx-os | 4.0\(1a\)n1\(1\) | |
| cisco | nx-os | 4.0\(1a\)n1\(1a\) | |
| cisco | nx-os | 4.0\(1a\)n2\(1\) | |
| cisco | nx-os | 4.0\(1a\)n2\(1a\) | |
| cisco | nx-os | 4.1\(3\)n1\(1\) | |
| cisco | nx-os | 4.1\(3\)n1\(1a\) | |
| cisco | nx-os | 4.1\(3\)n2\(1\) | |
| cisco | nx-os | 4.1\(3\)n2\(1a\) | |
| cisco | nx-os | 4.2\(1\)n1\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1a\) | |
| cisco | nx-os | 5.0\(2\)n1\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1a\) | |
| cisco | nx-os | 5.0\(3\)n1\(1c\) | |
| cisco | nx-os | 5.0\(3\)n2\(1\) | |
| cisco | nx-os | 5.0\(3\)n2\(2\) | |
| cisco | nx-os | 5.0\(3\)n2\(2a\) | |
| cisco | nx-os | 5.0\(3\)n2\(2b\) | |
| cisco | nx-os | 5.1\(3\)n1\(1\) | |
| cisco | nx-os | 5.1\(3\)n1\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1\) | |
| cisco | nx-os | 5.1\(3\)n2\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1b\) | |
| cisco | nx-os | 5.1\(3\)n2\(1c\) | |
| cisco | nx-os | 5.2\(1\)n1\(1\) | |
| cisco | nx-os | 5.2\(1\)n1\(1a\) | |
| cisco | nx-os | 5.2\(1\)n1\(1b\) | |
| cisco | nx-os | 5.2\(1\)n1\(2\) | |
| cisco | nx-os | 5.2\(1\)n1\(2a\) | |
| cisco | nx-os | 5.2\(1\)n1\(3\) | |
| cisco | nx-os | 5.2\(1\)n1\(4\) | |
| cisco | nx-os | 5.2\(1\)n1\(5\) | |
| cisco | nx-os | 5.2\(1\)n1\(6\) | |
| cisco | nx-os | 5.2\(1\)n1\(7\) | |
| cisco | nx-os | 5.2\(1\)n1\(8\) | |
| cisco | nx-os | 5.2\(1\)n1\(8a\) | |
| cisco | nx-os | 6.0\(2\)n1\(1\) | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | base | |
| cisco | nexus_5010 | - | |
| cisco | nexus_5020 | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5672up-16g | - | |
| cisco | nexus_5696q | - | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | base | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nx-os | 4.0\(4\)sv1\(1\) | |
| cisco | nx-os | 4.0\(4\)sv1\(2\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3a\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3b\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3c\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3d\) | |
| cisco | nx-os | 4.2\(1\)sv1\(4\) | |
| cisco | nx-os | 4.2\(1\)sv1\(4a\) | |
| cisco | nx-os | 4.2\(1\)sv1\(4b\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.1\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.1a\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.2\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.2b\) | |
| cisco | nx-os | 4.2\(1\)sv2\(1.1\) | |
| cisco | nx-os | 4.2\(1\)sv2\(1.1a\) | |
| cisco | nx-os | 4.2\(1\)sv2\(2.1\) | |
| cisco | nx-os | 4.2\(1\)sv2\(2.1a\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.1\) | |
| cisco | nx-os | base | |
| cisco | nexus_1000v_for_microsoft_hyper-v | - | |
| cisco | nexus_1000v_for_vmware_vsphere | - | |
| cisco | nx-os | 5.0\(3\)u1\(1\) | |
| cisco | nx-os | 5.0\(3\)u1\(1a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1b\) | |
| cisco | nx-os | 5.0\(3\)u1\(1d\) | |
| cisco | nx-os | 5.0\(3\)u1\(2\) | |
| cisco | nx-os | 5.0\(3\)u1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(1\) | |
| cisco | nx-os | 5.0\(3\)u2\(2\) | |
| cisco | nx-os | 5.0\(3\)u2\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(2b\) | |
| cisco | nx-os | 5.0\(3\)u2\(2c\) | |
| cisco | nx-os | 5.0\(3\)u2\(2d\) | |
| cisco | nx-os | 5.0\(3\)u3\(1\) | |
| cisco | nx-os | 5.0\(3\)u3\(2\) | |
| cisco | nx-os | 5.0\(3\)u3\(2a\) | |
| cisco | nx-os | 5.0\(3\)u3\(2b\) | |
| cisco | nx-os | 5.0\(3\)u4\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1a\) | |
| cisco | nx-os | 5.0\(3\)u5\(1b\) | |
| cisco | nx-os | 5.0\(3\)u5\(1c\) | |
| cisco | nx-os | 5.0\(3\)u5\(1e\) | |
| cisco | nx-os | 5.0\(3\)u5\(1f\) | |
| cisco | nx-os | 5.0\(3\)u5\(1g\) | |
| cisco | nx-os | 5.0\(3\)u5\(1h\) | |
| cisco | nx-os | 6.0\(2\)u1\(1\) | |
| cisco | nx-os | 6.0\(2\)u1\(1a\) | |
| cisco | nx-os | 6.0\(2\)u1\(2\) | |
| cisco | nx-os | 6.0\(2\)u1\(3\) | |
| cisco | nx-os | 6.0\(2\)u1\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | base | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 11.0\(1b\) | |
| cisco | nx-os | 11.0\(1c\) | |
| cisco | nx-os | base | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA1702F4-816E-4045-80B6-2BC71DC344F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C1AC8BC8-638A-4F73-A64B-B490675AA1A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F128DC9-C4CA-4547-B6C8-8E83A8C5F6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99FB6C32-CD16-41E9-AB42-A294424266DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EE1586F-E01C-4C4F-8284-1B1FE5370343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "891D883E-8263-42B2-A978-49F6AEF4CD49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C059CCD-1BE1-4675-8388-0DB219C04E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67829CF9-FDCB-4A17-9241-1B48A38B1A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2.\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0476865-D306-47B7-A84A-C163A316D9DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6753978-267E-4398-A1F7-96C37B5C8600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16131960-37FE-4154-A82C-E3249B066DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B3296D4-DA94-4E41-BAAF-CEC0E84BB498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B582362-FCFB-4D94-9C0E-2B7FD3F5340E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93FF6E77-B7C2-4CBB-A8FE-1D6218BA330C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5CAF2ADA-2C84-44EB-8893-0AB612AFF68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6D70623-8F98-44CA-A589-B93B167F88EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10AE58DE-C708-4C15-B2C4-2366F4378344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80510B23-1F02-4FE0-BF3D-E2CD2A5D5B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F179FBC-22BE-4C44-AAE0-866F1D6B1270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C628947-4A0E-4904-A6F7-745C3370A8F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "356B4143-5184-491B-9D10-19D6536366CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C038896F-6DBC-4695-9DBE-A60F6C39AFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F2453F2-704F-48F7-8009-991BE0B49251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E00B4AC8-1D27-4394-AF28-10785AEFC073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48926DA6-2020-4D4F-AD12-555163C6C352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "161C5BDB-CD50-40C7-B972-A1B650607338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7A0E6C0C-B88D-4085-AA28-0EA8CD1AB419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A967FB72-BCEB-4A76-A322-DDB0C4094E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6F882AB-C25D-477F-96BF-7001BB77B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35E48EE6-C498-4E13-AC5E-28F6B4391725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3B41075-01D1-4832-A025-07A378F2A5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "858E4134-643C-422C-8441-5372F4BC25D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A12BFDB0-4B90-4EB6-9CBE-A7A33C57EA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2FDE8EF9-47CF-451D-9570-3D369D74D44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "55A760CE-5E63-4A6B-8DA3-A473BC3900E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E738E86-B75F-48BF-9E76-C7DD470F3688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68C6090F-0B05-46F0-8A67-928FE1C36D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FBD345BD-83EF-4913-A0F3-74E52AD76BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46B2B97B-DDB7-4208-BF1A-D10C8A075A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED7B1216-4C4F-4A23-9474-23876649ABF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7AC41532-1F38-4540-8398-7DD66D92D041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC852D6C-720F-48AC-BB5B-7E514FD9D2E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "184425F6-8EC5-4774-990F-B4A6A68BCE33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B32719F7-998E-4528-B8D0-1017706E9CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC749257-E3FB-4831-8B50-CBB82A6AF162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B9CABF8-D500-4E65-947F-7ADE71668179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9D8CF243-5C98-4D2D-96F5-B4FB208D42EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D8718EE-84AC-4CAC-98B1-AD3783535A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BAF2F24A-9F1B-4ADA-955E-6BC80283B9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "234FD6A8-24D0-4F54-8E41-70E9575DCC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(0\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A69202E-9600-4949-98F1-3037C8036B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(0\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "877676F4-566D-4C5A-946F-E22BA70865BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD10C022-06D6-4821-8BB1-928A04E705C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3230A799-F129-4ABE-8DA1-83595015FCE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4CB0C21-D8E6-4CBB-8F6F-33B02B5BB57C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E8C04C7-8314-4A7F-B7C0-7B17A4204419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "91272DF0-CD4C-4ECD-92C4-357CB881B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AFC4AE3C-FEBA-4EC3-AF7C-EE21400E26A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2A8C85D-ECAA-44E0-BE94-247EDB780895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "487AD645-B95D-44C8-9B27-9651108F10A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D9E0C2E-E44E-4B2D-B7EA-CFEA7BE092A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D4A05AE9-050B-4B22-B668-B5250C853DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B8D6E3E-CE8F-4017-B0EE-DED343049A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F69DC16-8793-4A50-B901-2BDBE007405E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "392B8209-689D-4EFB-8B8E-04910EEB38AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D8595D2-710F-4C09-BEA4-A3D81C2269A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4B91092-DE54-4591-9C0F-A22A04AB71E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FE1F177-8952-4ECE-9E7D-5DB17895148A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D95D0F4E-944D-4AB8-B316-7842CB1F9C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7856BA8B-4959-4FC2-AF4F-747FCFCC8EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A402251-E36D-4DD1-8DE9-6DA025CBECEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99F6A4FB-A7C4-48C8-AEE4-584DE5A7D57C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C3BE66A-77B5-4808-BFFC-26B6A77F048F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "460A7B6A-C923-4D1A-89D4-3F46FE94D003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74CE3C35-D73A-4FB9-B061-B8A65F84F927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3E0B7CF-91B6-4E49-A763-65A2EEED5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30AA1C60-38DC-44E2-A4D8-0F290DA8D83C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757A0C8E-4817-41DD-A609-2B61C36DBBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AECFED5-8D06-4396-BDD2-AAA0F5241839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "772A297E-E323-4D2D-9129-6C4FC63643DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "149ABB41-A8FF-4A8F-888E-F27BDAAE9C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6918EB91-679A-4F47-BB9E-3A22287F14FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A0464AAE-73CF-4B24-A5CE-5C1131909CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68376361-C835-4552-8490-553C9A082615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "270620E3-92B7-4914-88C7-9D955B2B856E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8E48600-FD20-4743-A3E8-AD5297164551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A10C1B6-616E-4F94-8889-9C99906326D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01A091A5-2848-4901-B193-1EC9DD8A52E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "380FEA27-D68C-48DA-B2B9-4A3B3A71B059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C871A419-B769-46B2-956E-467BBE94F290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EACF481-3E4B-4580-8AE7-3D49790E0715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5010EDAE-67BB-4E23-B0F5-10096A7DAB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84CF5114-731F-4BF4-83E0-9B095C34541C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4750621F-E7C5-4E6A-BC5F-232E75A454E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CADBDD1D-DA17-40EE-8B23-81E9991387DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A623F8E1-B97B-41DD-947F-7E1B65DD6902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EACF481-3E4B-4580-8AE7-3D49790E0715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5010EDAE-67BB-4E23-B0F5-10096A7DAB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84CF5114-731F-4BF4-83E0-9B095C34541C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4750621F-E7C5-4E6A-BC5F-232E75A454E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08F35A63-9343-47D6-AB91-37AB148137E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CADBDD1D-DA17-40EE-8B23-81E9991387DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A623F8E1-B97B-41DD-947F-7E1B65DD6902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2BC263A-21FC-422C-A7E4-D1095263C4F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2CD13D1F-E83E-4D12-86BF-0260922BF4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F7FB359F-8290-475A-B58F-AD9CD96D77E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09753461-A8FA-4C38-9402-FDEBC3978506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "66429608-00EF-49A9-9621-FC801542F79D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "15EB553C-07E2-40C5-A741-788042174763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0959FD0A-24A2-48FB-A96D-C04FA0DF4992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3C6D7B8-AD24-49FF-8CE2-CDE2EE43EDD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1310C94C-3777-46E7-86AA-EA6A3AEE1EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(4b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E595AFD-D9C5-4DDA-A56F-127D7AE513FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "103597B4-C155-4809-BC90-DE52DA0A51D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C9FB95F-8F32-40FF-B40F-FDB375ADD946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "15BAAE40-EBEF-4FC3-B1D0-96EF814F0C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9F686E9-C88F-4CF1-8C90-1AF6D80EBAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(1.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DFC33DBB-D098-408C-BCEA-7068D23AF51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(1.1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E81ABF34-25C9-4168-B9DA-AABB870DD476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(2.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FC2ED25-A2B7-4273-93EB-7DEE6D345AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(2.1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "837EBA81-8511-4189-8F68-AD1516E8D7DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3917B37-BA20-4B07-B003-B7E5F99C4A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v_for_microsoft_hyper-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD6FAD2-D4FA-422C-812D-1D17623CE33E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v_for_vmware_vsphere:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFEFE545-DDDC-491C-8F47-DEC79C735873",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "92BDA5ED-E9AF-4D9C-9D13-BADFC515670C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F358E8D0-624B-412A-8726-B8AF96156317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17A4CE07-64FF-4C5C-81FF-A2388818CF7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AFDC9595-39D4-4BF8-AF18-D27A500C9007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7241BFDB-6386-4CBE-ACFB-4599EDE9CB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AF7CE90-9433-4E1D-A2AD-0B8854521CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "171160E9-F6B8-4C8A-B086-431E3E2A27BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9CAFAE6E-8B64-4A1F-A7E4-2D4BDFB7D5B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "91C35886-CB9B-4477-9AB3-9F1C9E45E757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F393BE8-8CC4-4302-829F-2C4F97BAC14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE855B3E-B2B8-4EBA-8303-55F6A5A77E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "641D651A-B85B-4E9E-BE92-35AFAE8A63A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7810F6FD-F58F-4121-9D30-8C5E3E163EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09C38DCD-2A5F-4095-ABA4-02E95D93C358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "103A4C19-0E91-45FC-9AA2-F40215FCF63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F61C03B-D7AB-468A-B092-158730FB3E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F883AA8-CC44-4440-AB30-D7AC29C242F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7390B4D2-2121-4311-A798-337E8B777A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "924C6663-9EA0-4124-ACC6-0AFC649AEA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C559C83-FB34-4B1A-A6B3-1834D6CD022C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7CFFFE88-17EA-4515-BF71-C0AB82957B21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EF14E5C-B776-4A04-A5CC-853CFF2816B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E681A-F354-4093-84A9-5A357EAB1559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B627C66-CFE1-40B9-8264-392BB091EA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5BFA21F2-E2B2-49B6-9956-D6219D499F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52899164-992D-4736-B460-FDFB825DB7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8766DA4C-A25C-48D4-A6FC-2357200A9215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6C48105-F73E-40C9-8CD9-B46C5319FB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94F5B47A-023B-4415-8DB9-6829C5E72901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA600413-FC70-4776-99DF-180C96D4FD24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ECC9066F-3082-48A0-BA52-9ED9420EA47A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "78611E25-E33E-4C88-A681-97B5A2A01B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "780B04ED-412E-441F-8717-D8F9257F5699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD2AABBD-8680-4615-A4E2-B607CB1B0979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "693F444B-FA34-489C-BB45-E9185DE47816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13669043-3F12-4439-812F-6DE35F70B159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58A8BDE0-2F73-4E0C-B73A-918DB3352067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10BFAE68-01C5-4EF8-8B86-F470092E9034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D02FC11-EB21-45CD-A070-89C4862240BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C67AE59-380A-402B-9B2A-F595E001637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C71ED401-6786-4AAE-A98F-BE4732256A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BB0F49B-85C0-4C52-82E0-C2683D43B553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "384B7337-1C2F-479E-BB2B-F31320D82EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ED50316-7044-4757-9C51-5543BA5693A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1CB11917-C606-4025-A91A-596F7D47A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69B757AE-83C8-4194-9BAE-DBECA2021597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C64CC640-B37D-4064-8946-B8CCCDE1A6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8983275-20C6-487E-A265-3836F06AB226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492."
},
{
"lang": "es",
"value": "Cisco NX-OS 4.0 hasta la versi\u00f3n 7.3 en Multilayer Director y dispositivos Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a usuarios remotos autenticados eludir restricciones AAA destinadas y obtener un acceso CLI privilegiado a trav\u00e9s de par\u00e1metros manipulados en una negociaci\u00f3n de conexi\u00f3n SSH, vulnerabilidad tambi\u00e9n conocida como Bug IDs CSCum35502, CSCuw78669, CSCuw79754 y CSCux88492."
}
],
"id": "CVE-2015-0721",
"lastModified": "2024-11-21T02:23:35.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-06T10:59:00.210",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/93410"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1036947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036947"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-03 15:29
Modified
2024-11-21 04:36
Severity ?
Summary
A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. An attacker could exploit this vulnerability by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 14.1\(0.90\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9508 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.1\\(0.90\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CCA9D39-6270-4EEC-B3C0-D33877C503A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. An attacker could exploit this vulnerability by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad background operations de Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) podr\u00eda permitir a un atacante local identificado conseguir privilegios elevados tipo root en un dispositivo afectado. La vulnerabilidad se debe a una comprobaci\u00f3n insuficiente de los archivos provistos por el usuario en un dispositivo afectado. Un atacante podr\u00eda operar esta vulnerabilidad si inicia sesi\u00f3n en la CLI del dispositivo afectado y crea un archivo dise\u00f1ado en un directorio espec\u00edfico del sistema de archivos. Una funci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos de sistema operativo arbitrarios como tipo root en un dispositivo afectado."
}
],
"id": "CVE-2019-1592",
"lastModified": "2024-11-21T04:36:52.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-03T15:29:00.650",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-hw-clock-util"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-hw-clock-util"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-06 01:59
Modified
2024-11-21 02:34
Severity ?
Summary
Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 4.1.\(2\) | |
| cisco | nx-os | 4.1.\(3\) | |
| cisco | nx-os | 4.1.\(4\) | |
| cisco | nx-os | 4.1.\(5\) | |
| cisco | nx-os | 4.2\(3\) | |
| cisco | nx-os | 4.2\(4\) | |
| cisco | nx-os | 4.2\(6\) | |
| cisco | nx-os | 4.2\(8\) | |
| cisco | nx-os | 4.2.\(2a\) | |
| cisco | nx-os | 5.0\(2a\) | |
| cisco | nx-os | 5.0\(3\) | |
| cisco | nx-os | 5.0\(5\) | |
| cisco | nx-os | 5.1\(1\) | |
| cisco | nx-os | 5.1\(1a\) | |
| cisco | nx-os | 5.1\(3\) | |
| cisco | nx-os | 5.1\(4\) | |
| cisco | nx-os | 5.1\(5\) | |
| cisco | nx-os | 5.1\(6\) | |
| cisco | nx-os | 5.2\(1\) | |
| cisco | nx-os | 5.2\(3a\) | |
| cisco | nx-os | 5.2\(4\) | |
| cisco | nx-os | 5.2\(5\) | |
| cisco | nx-os | 5.2\(7\) | |
| cisco | nx-os | 5.2\(9\) | |
| cisco | nx-os | 6.0\(1\) | |
| cisco | nx-os | 6.0\(2\) | |
| cisco | nx-os | 6.0\(3\) | |
| cisco | nx-os | 6.0\(4\) | |
| cisco | nx-os | 6.1\(1\) | |
| cisco | nx-os | 6.1\(2\) | |
| cisco | nx-os | 6.1\(3\) | |
| cisco | nx-os | 6.1\(4\) | |
| cisco | nx-os | 6.1\(4a\) | |
| cisco | nx-os | 6.1\(5\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\)s1 | |
| cisco | nx-os | 7.2\(0\)n1\(0.1\) | |
| cisco | nx-os | base | |
| cisco | nexus_7000_10-slot | - | |
| cisco | nexus_7000_18-slot | - | |
| cisco | nexus_7000_4-slot | - | |
| cisco | nexus_7000_9-slot | - | |
| cisco | nexus_7700_10-slot | - | |
| cisco | nexus_7700_18-slot | - | |
| cisco | nexus_7700_2-slot | - | |
| cisco | nexus_7700_6-slot | - | |
| cisco | nx-os | 4.2\(1\)n1\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1a\) | |
| cisco | nx-os | 5.0\(2\)n1\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1a\) | |
| cisco | nx-os | 5.0\(3\)n1\(1c\) | |
| cisco | nx-os | 5.0\(3\)n2\(1\) | |
| cisco | nx-os | 5.0\(3\)n2\(2\) | |
| cisco | nx-os | 5.0\(3\)n2\(2a\) | |
| cisco | nx-os | 5.0\(3\)n2\(2b\) | |
| cisco | nx-os | 5.1\(3\)n1\(1\) | |
| cisco | nx-os | 5.1\(3\)n1\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1\) | |
| cisco | nx-os | 5.1\(3\)n2\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1b\) | |
| cisco | nx-os | 5.1\(3\)n2\(1c\) | |
| cisco | nx-os | 5.2\(1\)n1\(1\) | |
| cisco | nx-os | 5.2\(1\)n1\(1a\) | |
| cisco | nx-os | 5.2\(1\)n1\(1b\) | |
| cisco | nx-os | 5.2\(1\)n1\(2\) | |
| cisco | nx-os | 5.2\(1\)n1\(2a\) | |
| cisco | nx-os | 5.2\(1\)n1\(3\) | |
| cisco | nx-os | 5.2\(1\)n1\(4\) | |
| cisco | nx-os | 5.2\(1\)n1\(5\) | |
| cisco | nx-os | 5.2\(1\)n1\(6\) | |
| cisco | nx-os | 5.2\(1\)n1\(7\) | |
| cisco | nx-os | 5.2\(1\)n1\(8\) | |
| cisco | nx-os | 5.2\(1\)n1\(8a\) | |
| cisco | nexus_5010 | - | |
| cisco | nexus_5020 | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5672up-16g | - | |
| cisco | nexus_5696q | - | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3.78\) | |
| cisco | nx-os | 6.1\(2\)i3\(4\) | |
| cisco | nx-os | 7.0\(3\) | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 6.0\(2\)n2\(5a\) | |
| cisco | nx-os | 6.0\(2\)n2\(6\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | base | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA1702F4-816E-4045-80B6-2BC71DC344F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C1AC8BC8-638A-4F73-A64B-B490675AA1A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F128DC9-C4CA-4547-B6C8-8E83A8C5F6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1.\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99FB6C32-CD16-41E9-AB42-A294424266DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EE1586F-E01C-4C4F-8284-1B1FE5370343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "891D883E-8263-42B2-A978-49F6AEF4CD49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C059CCD-1BE1-4675-8388-0DB219C04E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67829CF9-FDCB-4A17-9241-1B48A38B1A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2.\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0476865-D306-47B7-A84A-C163A316D9DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6753978-267E-4398-A1F7-96C37B5C8600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16131960-37FE-4154-A82C-E3249B066DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B3296D4-DA94-4E41-BAAF-CEC0E84BB498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B582362-FCFB-4D94-9C0E-2B7FD3F5340E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93FF6E77-B7C2-4CBB-A8FE-1D6218BA330C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5CAF2ADA-2C84-44EB-8893-0AB612AFF68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6D70623-8F98-44CA-A589-B93B167F88EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10AE58DE-C708-4C15-B2C4-2366F4378344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80510B23-1F02-4FE0-BF3D-E2CD2A5D5B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F179FBC-22BE-4C44-AAE0-866F1D6B1270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C628947-4A0E-4904-A6F7-745C3370A8F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "356B4143-5184-491B-9D10-19D6536366CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C038896F-6DBC-4695-9DBE-A60F6C39AFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F2453F2-704F-48F7-8009-991BE0B49251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E00B4AC8-1D27-4394-AF28-10785AEFC073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48926DA6-2020-4D4F-AD12-555163C6C352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "161C5BDB-CD50-40C7-B972-A1B650607338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7A0E6C0C-B88D-4085-AA28-0EA8CD1AB419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A967FB72-BCEB-4A76-A322-DDB0C4094E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6F882AB-C25D-477F-96BF-7001BB77B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35E48EE6-C498-4E13-AC5E-28F6B4391725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3B41075-01D1-4832-A025-07A378F2A5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "858E4134-643C-422C-8441-5372F4BC25D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A12BFDB0-4B90-4EB6-9CBE-A7A33C57EA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AB9928F-B632-4A06-8065-FFB85998D979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2FDE8EF9-47CF-451D-9570-3D369D74D44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "55A760CE-5E63-4A6B-8DA3-A473BC3900E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E738E86-B75F-48BF-9E76-C7DD470F3688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68C6090F-0B05-46F0-8A67-928FE1C36D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FBD345BD-83EF-4913-A0F3-74E52AD76BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46B2B97B-DDB7-4208-BF1A-D10C8A075A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED7B1216-4C4F-4A23-9474-23876649ABF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57892CBB-8C95-4E56-90F8-B77BBBDC03FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8505B4-61A1-4E98-8E13-9F8BAF825E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(0.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "185B1E14-1944-4BD2-AA45-0F5025EDDC84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D9E0C2E-E44E-4B2D-B7EA-CFEA7BE092A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D4A05AE9-050B-4B22-B668-B5250C853DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B8D6E3E-CE8F-4017-B0EE-DED343049A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7F69DC16-8793-4A50-B901-2BDBE007405E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "392B8209-689D-4EFB-8B8E-04910EEB38AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D8595D2-710F-4C09-BEA4-A3D81C2269A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4B91092-DE54-4591-9C0F-A22A04AB71E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FE1F177-8952-4ECE-9E7D-5DB17895148A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D95D0F4E-944D-4AB8-B316-7842CB1F9C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7856BA8B-4959-4FC2-AF4F-747FCFCC8EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A402251-E36D-4DD1-8DE9-6DA025CBECEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99F6A4FB-A7C4-48C8-AEE4-584DE5A7D57C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C3BE66A-77B5-4808-BFFC-26B6A77F048F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "460A7B6A-C923-4D1A-89D4-3F46FE94D003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74CE3C35-D73A-4FB9-B061-B8A65F84F927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3E0B7CF-91B6-4E49-A763-65A2EEED5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30AA1C60-38DC-44E2-A4D8-0F290DA8D83C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757A0C8E-4817-41DD-A609-2B61C36DBBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AECFED5-8D06-4396-BDD2-AAA0F5241839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "772A297E-E323-4D2D-9129-6C4FC63643DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "149ABB41-A8FF-4A8F-888E-F27BDAAE9C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6918EB91-679A-4F47-BB9E-3A22287F14FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A0464AAE-73CF-4B24-A5CE-5C1131909CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68376361-C835-4552-8490-553C9A082615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "270620E3-92B7-4914-88C7-9D955B2B856E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8E48600-FD20-4743-A3E8-AD5297164551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A10C1B6-616E-4F94-8889-9C99906326D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01A091A5-2848-4901-B193-1EC9DD8A52E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "380FEA27-D68C-48DA-B2B9-4A3B3A71B059",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BB0F49B-85C0-4C52-82E0-C2683D43B553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "384B7337-1C2F-479E-BB2B-F31320D82EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ED50316-7044-4757-9C51-5543BA5693A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1CB11917-C606-4025-A91A-596F7D47A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69B757AE-83C8-4194-9BAE-DBECA2021597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3.78\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C3B69592-B64F-4D96-A39E-887E2D38B8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0750C504-3D45-4ED7-9A0A-A8EEEEE426ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "108374E9-8814-41C4-9474-6EE3AF24D71F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EACF481-3E4B-4580-8AE7-3D49790E0715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5010EDAE-67BB-4E23-B0F5-10096A7DAB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84CF5114-731F-4BF4-83E0-9B095C34541C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4750621F-E7C5-4E6A-BC5F-232E75A454E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08F35A63-9343-47D6-AB91-37AB148137E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CADBDD1D-DA17-40EE-8B23-81E9991387DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A623F8E1-B97B-41DD-947F-7E1B65DD6902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F3D9588-D98A-45FC-8344-58C55F35610E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A190D0A-B758-49BA-9830-9870F699DA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD613D8F-099C-43A1-BD29-A98250E1334A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "576B74DF-9527-4931-B1A3-8FEE1DB1AD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63949081-E2F3-4EB4-BABC-270AAB19EE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58292522-F486-410D-AD99-DFD6EC0AA9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A07ACF87-C694-41DB-B4BD-23CE72E32EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E3644F66-F964-4D50-A6E0-EE8784490BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72AD166D-7CBF-4A4D-A376-907DDA1BB504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171."
},
{
"lang": "es",
"value": "Cisco NX-OS 4.1 hasta la versi\u00f3n 7.3 y 11.0 hasta la versi\u00f3n 11.2 en dispositivos Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) a trav\u00e9s de paquetes DHCP IPv4 manipulados a los agentes de retransmisi\u00f3n (1) DHCPv4 o (2) smart, vulnerabilidad tambi\u00e9n conocida como Bug IDs CSCuq24603, CSCur93159, CSCus21693 y CSCut76171."
}
],
"id": "CVE-2015-6392",
"lastModified": "2024-11-21T02:34:54.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-06T01:59:01.637",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/93406"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1036948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036948"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6793CE39-88B6-42DF-A586-43BC656F00DD",
"versionEndIncluding": "2.3.1.173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CD86FB-4B86-470E-A1F8-3F3EBC66F0F3",
"versionEndExcluding": "2.6.1.187",
"versionStartIncluding": "2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A19CF844-DCAA-46DD-95FC-1BC200E7DE91",
"versionEndExcluding": "2.7.1.106",
"versionStartIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "35E2BDED-6263-4948-89A3-5D867D52BD48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5494B4B-0BB4-48AE-8B0D-04DE649F9313",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A0C835-6C98-4AB6-89FF-C27117BB6B12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "395F25CD-FDF5-48D7-A048-A6B4F4779EC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "124CE49C-1C2B-40A5-8F59-7A223766E12F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A83F3D33-0674-4F74-AEA9-BC824D8536F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "784A450D-8DCA-43E5-8044-A9F2363FB006",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E88ED4-C2AF-407C-A395-3D7806D68758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871D84C5-71EE-4B82-A48C-A1CC68DA332A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55812D67-23B2-4EE1-8DEF-B1386551D825",
"versionEndExcluding": "6.2\\(29\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2516465F-34B9-4E24-B65B-3952DAEF25FD",
"versionEndExcluding": "8.4\\(1a\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33FD38EF-3B47-4739-BF0B-FC50D8520DBC",
"versionEndExcluding": "5.2\\(1\\)sv5\\(1.3\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4832A094-92DB-402F-AF05-34B3A7C7CA0E",
"versionEndIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "69E1B4D2-4200-4C05-9E64-57A18823AF38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE8F16B-D59C-43C7-BECA-3D62B609AB94",
"versionEndExcluding": "5.2\\(1\\)sv3\\(4.1b\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D562562-099B-47D6-8A27-592960AEDB5C",
"versionEndExcluding": "9.3\\(2\\)",
"versionStartIncluding": "7.0\\(3\\)f2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2",
"versionEndExcluding": "7.0\\(3\\)i7\\(8\\)",
"versionStartIncluding": "7.0\\(3\\)i",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80E4C5F7-050A-40D8-B087-5F7597B97EEA",
"versionEndExcluding": "7.3\\(6\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D74A33-E46C-4A26-AEFF-A9064415F89E",
"versionEndExcluding": "6.2\\(24\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA088812-07C5-47BF-9CB1-66D2E4E6D27C",
"versionEndExcluding": "7.3\\(5\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8934F95-3C91-4499-ACA3-8C22DA785ED5",
"versionEndExcluding": "8.2\\(5\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66360174-9C40-4147-A94C-8007021C55A5",
"versionEndExcluding": "8.4\\(2\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97BA8B03-822E-4544-89A0-23608D635DA7",
"versionEndExcluding": "13.2\\(9b\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE",
"versionEndExcluding": "14.2\\(1j\\)",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BA5E06-2264-4292-93E5-D32A2D81600E",
"versionEndExcluding": "3.2\\(3m\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C79BC0D-B86C-452B-B6CA-F93E938B707F",
"versionEndExcluding": "4.0\\(4g\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Cisco Discovery Protocol para Cisco FXOS Software, Cisco IOS XR Software y Cisco NX-OS Software, podr\u00eda permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una falta de comprobaci\u00f3n cuando el software afectado procesa los mensajes de Cisco Discovery Protocol. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar la memoria del sistema, causando que el dispositivo se recargue. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusi\u00f3n que el dispositivo afectado (Capa 2 adyacente)."
}
],
"id": "CVE-2020-3120",
"lastModified": "2024-11-21T05:30:22.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-05T18:15:11.063",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-28 17:15
Modified
2024-10-22 14:37
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C26E0A3-7641-4DDF-9882-F04F297C8D07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8397775-5A75-4710-9044-B56E1CEE20A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "876304F4-4CE5-45B8-ADF5-2523319D05BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9C0219-7EDC-40FD-A66B-24A92993F692",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23DFF0E-725B-4CCB-96A3-378600513CC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C71319A9-5B95-410A-BDDB-C47639B8E464",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6487A95B-0D04-4ABA-B491-8A935694AFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018DEE0B-F3BC-4D3F-B2E4-2FF40203E65F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506B07C-EB3B-4034-A348-1EEAD09CC5E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "122E24C3-1411-46DA-92F1-635BC0784559",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E84307-41BC-4F85-BC9A-FF02178765F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A31452-5B60-4273-BA38-8FA684DED953",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FCA39-927B-4C89-A58B-E6859ED8176A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc2-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7543DCD-5ED0-4400-9326-9714AB84E012",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37DA56C5-FDD0-4CC3-9DDF-8F1BBE94B003",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B464B3-DE25-4980-ABC3-10D7C79C12E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "365A5FB4-3DCE-48D7-8917-636E94389576",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90DB9E2B-74F6-4C62-AEE1-3FF109A963EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961B0A51-15B4-45FF-BEAE-05667D76F418",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A29C323C-6731-4CDA-B364-C1C8B8E60510",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D100815-C171-46F4-B675-64E20D8C4FD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "214472EB-424C-48B7-8EF3-7B679A5042BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D5229B-AFB2-4B28-95BB-563DBC346982",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32D88D4-EABA-4A3A-B300-374AA89525E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD002B70-A630-4A5D-B63C-356AC7B8280C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0AC2DC-234F-48BA-BCC8-DE82C293C273",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "462BC5C0-61C9-4CC6-AF3F-7A366C98F2DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67F94470-7815-4ADD-9FF9-BD74BA46454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09F0CD1D-A71B-413B-9150-E462CA206BAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2788A2-79DC-4A28-BD88-52EC86697C99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5747442-90B1-4932-8189-A70B39E45843",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA21C9E7-30B9-4FC7-8031-2C27CE9C1AB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EED2E16-D0D7-4B53-A05F-595E120B1C25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E78D1F67-9BD7-467A-9D7A-37F54B3B51BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A181E6-0EE6-40F2-B04A-2C12DF67D278",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sc-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "159A9622-2240-46E6-BD4B-62D652422758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA01EFB-8458-42B9-81C9-35E1E02FF42F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360B9A25-5272-487A-AF1A-CE2FDFD6F23C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3291743D-1F0C-4A66-99F9-946196F5CB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADE8708-95D4-4D30-85ED-BE870410F3B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-16w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21686E9C-D51F-4016-BFF5-F076144C7CE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2BBE1C-4820-4A68-83F4-734E0DA4738B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9400-8d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC31E4-5C1B-4FD1-9F86-670BAEA47774",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97284yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F7DE85-9CD5-4A3D-859A-4B3479DACBF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3000_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0742F63F-1945-47AA-943C-14959B23C21C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C84D24C-2256-42AF-898A-221EBE9FE1E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E8456-A9BD-447B-8F33-4BEB052A82D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BC5903-1316-4FFF-BE52-2F6D63549590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4755F890-634B-4B25-AF08-C34F13429FA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3ph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D68E7FE-BD46-4245-8DEE-1AD32159E045",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2EC055-B309-4F1F-A646-FA47AE344D27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F59A4B-AE92-4533-8EDC-D1DD850309FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492A2C86-DD38-466B-9965-77629A73814F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB7AA46-4018-4925-963E-719E1037F759",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07B5399-44C7-468D-9D57-BB5B5E26CE50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E128053-834B-4DD5-A517-D14B4FC2B56F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "163743A1-09E7-4EC5-8ECA-79E4B9CE173B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C367BBE0-D71F-4CB5-B50E-72B033E73FE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E1D224-4751-4233-A127-A041068C804A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD31B075-01B1-429E-83F4-B999356A0EB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800_34-port_100g_and_14-port_400g_line_card:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D3B28C3-114D-41EE-8295-AFA9932C9EAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800_36-port_400g_line_card:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC134D3-9AA0-44A4-9CBD-410A3A9C5886",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el int\u00e9rprete de Python del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando funciones espec\u00edficas dentro del int\u00e9rprete de Python. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecuci\u00f3n de Python para aprovechar estas vulnerabilidades. Para obtener m\u00e1s informaci\u00f3n sobre los privilegios de ejecuci\u00f3n de Python, consulte la documentaci\u00f3n espec\u00edfica del producto, como la secci\u00f3n de la Gu\u00eda de programaci\u00f3n de NX-OS de la serie Cisco Nexus 9000."
}
],
"id": "CVE-2024-20285",
"lastModified": "2024-10-22T14:37:01.363",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-28T17:15:07.687",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Product"
],
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-653"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108353 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108353 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1386A3-38D8-40A7-9828-AF76A910F533",
"versionEndExcluding": "6.0\\(2\\)a8\\(10\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01EAB41F-6AE7-47D9-80EC-C9974E331506",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user\u0027s private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user\u0027s private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de administraci\u00f3n de claves CLI SSH del software Cisco NX-OS podr\u00eda permitir que un atacante local autorizado exponga la clave SSH privada de un usuario a todos los usuarios autorizados en el dispositivo de destino. El atacante debe identificarse con credenciales de dispositivo de administrador v\u00e1lidas. La vulnerabilidad se debe a un manejo de errores incompleto si se produce un tipo de error espec\u00edfico durante la exportaci\u00f3n de la clave SSH. Un atacante podr\u00eda explotar esta vulnerabilidad al identificarse en el dispositivo e ingresar un comando creado en la CLI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante exponer la clave SSH privada de un usuario. Adem\u00e1s, un tipo de error similar en la importaci\u00f3n de la clave SSH podr\u00eda hacer que la clave privada SSH protegida por contrase\u00f1a se importara involuntariamente."
}
],
"id": "CVE-2019-1731",
"lastModified": "2024-11-21T04:37:12.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T17:29:01.780",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108353"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-30 09:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF1AF20-C6CE-4956-8129-FA68E3B03E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "399568C2-4198-4D2C-B694-FF4EFE5E4710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F762E87A-BF80-4D33-ADDA-84369E068005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98CFE9BB-7BFE-4782-B602-2C6A1392693F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CDB1D59-C964-4D30-B55E-08E68562300C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8702D0-13F8-4033-B675-90B380A5AC9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCBF1FE-C124-4DBA-B127-D484D5C9110C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98CFE9BB-7BFE-4782-B602-2C6A1392693F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98CFE9BB-7BFE-4782-B602-2C6A1392693F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*",
"matchCriteriaId": "E575893D-81E5-47E6-9531-50E044C2C3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "247F42D0-7B07-4F4A-95D9-648139D5F67D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9103A92E-C9F3-401B-AE30-66466210ADED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01B3A010-8F62-4505-AB02-9A3E3FDC8C72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF1AF20-C6CE-4956-8129-FA68E3B03E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FADC755B-3AB3-43D6-8495-1FABCBD548E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B36B056-C068-4413-B648-1D1D6026B823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "399568C2-4198-4D2C-B694-FF4EFE5E4710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(2\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "C733C52D-953A-4CDF-BD98-3102FE50CE70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Network Time Protocol (NTP) de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al uso excesivo de los recursos del sistema cuando el dispositivo afectado est\u00e1 registrando una acci\u00f3n de ca\u00edda para los paquetes NTP MODE_PRIVATE (Modo 7) recibidos. Un atacante podr\u00eda explotar esta vulnerabilidad inundando el dispositivo con un flujo constante de paquetes NTP de Modo 7. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un uso elevado de CPU y memoria en el dispositivo afectado, lo que podr\u00eda causar que los procesos internos del sistema se reinicien o causar que el dispositivo afectado se recargue inesperadamente. Nota: La funcionalidad NTP est\u00e1 habilitada por defecto."
}
],
"id": "CVE-2019-1967",
"lastModified": "2024-11-21T04:37:47.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-30T09:15:20.287",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-01 17:15
Modified
2024-11-21 08:52
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.
Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:
Nexus 3000 Series Switches
Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later
Nexus 9000 Series Switches in standalone NX-OS mode
References
Impacted products
{
"cisaActionDue": "2024-07-23",
"cisaExploitAdd": "2024-07-02",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Cisco NX-OS Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2FDE8EF9-47CF-451D-9570-3D369D74D44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "55A760CE-5E63-4A6B-8DA3-A473BC3900E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E738E86-B75F-48BF-9E76-C7DD470F3688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11E66F3E-9482-4F30-8480-F036F3C68B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68C6090F-0B05-46F0-8A67-928FE1C36D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FBD345BD-83EF-4913-A0F3-74E52AD76BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46B2B97B-DDB7-4208-BF1A-D10C8A075A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED7B1216-4C4F-4A23-9474-23876649ABF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57892CBB-8C95-4E56-90F8-B77BBBDC03FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A555382D-9D35-4931-B3B0-DD4D956AB7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "985752BE-AC65-47BC-97F5-36C2E44E55D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6A61F7E-9929-48F5-85BA-72E744AF30B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA24A851-F051-41A8-A33E-7296AD199306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52E6911E-3DD8-4FCC-A1B5-613098B25337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(24a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F558EAFA-C4A3-4EC3-85E6-225D3EBB0D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6BF973CD-3315-4D86-8F89-05DC97C736AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C18A0045-87F3-4782-81C5-0BF615EA9346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2768DEF1-3DFA-4683-9D8D-C5915D8E7365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CD05045-E867-4B7E-ACE4-7B6EA69971AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FADC755B-3AB3-43D6-8495-1FABCBD548E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03607526-7F9E-43F5-94ED-3ED0B4D29DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98FC292D-27D3-40CF-98C5-AF47686FC134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C23B353-3500-4FA4-90CE-624A29B1048F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29002523-6405-4198-A5E5-630A4B661767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF0DFA7E-9B40-4E82-9EB9-886C79B2D61C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FA615483-9E8E-4E74-B2A1-FCA555523DC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E991E535-5FB6-40FE-B599-9CFFDA6438DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "90444CE8-2D46-432F-8713-6B4A05D03AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C83E090-7C99-465A-A477-C2949B137720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "298709C4-69BF-48BA-A317-4251B5461A0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EF15089-A16E-47CC-AB52-78AB85F681BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3FB0B238-4F3A-4569-89B0-ED80533D87C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF90B861-F48B-45DF-ACB8-F91030106181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAB301FC-988F-4FC3-A097-E926E541F098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CFA19E0-0121-4422-83AF-94039520A0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03201B37-841C-432F-8643-352833381373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F6AD86DF-7D7A-4097-8DBF-9EF07EF5509A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9CF6FCE1-D9F7-4A1C-8570-1A1529BFFB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "224696A4-D5A9-4E5F-B0D4-68F27A1CD6A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A54DB25-6479-4B1B-AEE6-9F4EB1A0E90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0ED62FC-4C6D-4777-934F-0A9A32194E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84FE4C8A-61BC-4F5A-B4E1-8525FAD55CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7FD4067-4EEF-4477-AA3A-EE8BB8489832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6B8E31F-6B33-43E0-9585-5736D54FE876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C828C0E-99E6-4DEF-9EB3-672DEB61F479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2636B1F1-8C40-44A4-B96B-C84EC244685E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "411B58EB-2BCD-47CA-AB5A-538BCEAEF75F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D725607-74D5-4700-B4B7-0C35D119F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "189BE025-7434-4790-94E3-4F4F07C76937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A2E2364-1C5B-494B-B7DA-752F9E9D5464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E1C2124A-A7B3-4D2A-870C-76EFCE0D0B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F45511E-5224-4919-B6D9-83EE7493D0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(6a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52F8EDCD-45C9-4408-BD20-71C70CDE367C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A39C505E-ABEB-4481-8A8A-1B1F3C5E0A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5B02BC42-7F87-46F7-AA46-48633AC5AFD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "395233A3-B56F-458A-86F9-5EE8D66A51C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36145717-6348-466D-87B4-B1A19F17BA55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBDCF9-562C-44BA-B709-F91346F6F99F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276BD181-125C-48EC-984C-29BAE20C21F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596B885-5312-489B-BBDB-A5374E525DE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42EC10DA-FE01-4BA3-B49F-B164F697D4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1655CC-9BD5-4BD5-B113-776E4335D556",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA6F9ED-50A1-4D61-BC83-438585646856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD54E122-6102-451E-92BF-AF71D98AEBE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C857C0F-B023-4CF7-9916-6735C40425F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D4C558C0-ECA4-408D-A5DF-2A175E48EAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C4947F0C-B1F5-4BA0-A6F0-F08C25554E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC281019-3BB1-4539-BFA3-1D13E2ABE720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07863B2B-D780-4641-BADE-A5AFFAD95E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D4F7ADD7-C438-40A4-883E-BFAAA9BA0029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(9a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31C3DDB7-119B-4AF8-9896-8DF08303E04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(9b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "05C1E8F0-3840-406F-A3F6-BB50735B0214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(9c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01D17E16-271E-4642-9577-32B58EEFB5F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BA4A04DF-1668-42FC-9C81-11FFB93B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(11c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F5A0E74-C0C2-4593-9ACB-4A94E5BA4A29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(11d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C926C2EC-1838-4B94-945D-69315B645B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(11e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D3C6E19-4A5A-45D4-9BE0-97BE969D8BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F52D1CE-0F00-401B-86AE-1E93F7259B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(13a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA749833-7D3B-4FFD-9A5F-9D9966D1DDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(13b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FEDA299-FD35-46A0-A7A3-50D526D445C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "411C176B-3A5D-4EFB-8DCB-753E7BAC6AF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CACD51E7-FCA3-4870-94E0-FAB505743C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9110930C-AA37-42F1-8B7E-E06033133D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(21\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8540E153-4041-4CBA-ABA2-6E78BD3A6E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(23\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B8F9A602-F5E5-432D-8304-19964DC373A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(25\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B86774A-900E-4A02-B671-C13C18965358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D23ADF50-748F-4795-B564-6D934B95F8D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(29\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D4A2531-F5F0-4AB8-A812-7ADE7D558B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(31\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95777BFD-0F3B-49F8-9131-34EB83F7ED67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(33\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF43590F-5F94-49EC-BE3A-55635ECD3176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dy\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ADC3F316-982A-4D7C-BE3B-C3D87F58B298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)dy\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9B515AF-915A-4BAE-AA51-CF57F7316A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A8D89C0-8C65-487B-9F2D-FFE31AE5BBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "409A92B8-F9A5-401E-B77F-177C48B22F23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3FB0B238-4F3A-4569-89B0-ED80533D87C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF90B861-F48B-45DF-ACB8-F91030106181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6B8E31F-6B33-43E0-9585-5736D54FE876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C828C0E-99E6-4DEF-9EB3-672DEB61F479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2636B1F1-8C40-44A4-B96B-C84EC244685E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0A868C7-1060-4A48-819E-013F435F08D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "411B58EB-2BCD-47CA-AB5A-538BCEAEF75F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9E85905-A3F0-43C0-A578-6E9C14033D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "64E228E3-B088-4E1B-9E46-ECC8835CD9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17679F98-B8D5-4FDD-AA8F-9FCF703B466B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BCCF180B-0710-4368-B588-86C0971883A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F0E1A760-CAB3-4313-9315-26AD75C43CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.4\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8DBDA3B-E8A6-4709-81F0-32908100D975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BC7435D-C9E9-4895-A958-F8F78DAE93A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "728C0D94-CCCF-4313-98F0-1E25F7FA2464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20FF2A5A-CB80-4F58-856D-724AACB0864C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89FC0A74-2435-4977-BBB7-906B812382EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C06AF41C-ADDD-4B52-8187-DA50D1AF271B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.4\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50A8023C-51B2-49D7-BEB3-618B2D213F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BD5346D-15B3-4342-901B-F562A8A71686",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F762E87A-BF80-4D33-ADDA-84369E068005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E6B85A-3988-4EC5-B788-9664772CE64E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73B9FE4E-0C82-4511-9A4A-DCBFEB93DE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BB8F0200-7BCA-49E9-98E0-D825630D77FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61FCA143-FDAB-472D-B9E1-F7CB4041BBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61F736DD-44FE-4A20-AF89-4B29725608A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8844860D-427F-4B01-980A-59B082F26034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CCA96B43-0793-4784-A971-DD442EBFF6BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B13305C9-008F-488A-ADC7-0724AFB313DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50DFAF49-0688-4A5A-9023-E2543164D89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46376F5C-2CF0-46F1-ADCF-870065A24D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5EB6C0E3-9B92-4768-93BB-8B8626EB164A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4EA572E-5F4F-45F1-B7A1-346F723C2BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6EA3CBB-EAF7-4837-96AF-0258220C4A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E6FB730-84CD-496D-9140-BC9375548D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD712B88-298A-4488-A053-67CB45190F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31308B18-062C-4DB8-9241-F15661C06398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED17D340-9C18-4B1E-BA15-CAE2ADAAD38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "310856A9-CA62-4C1A-A4C9-B6EECC36F496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D295366-662E-4C8E-9758-3DB801E0ABA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F09360A9-3FB1-465F-977E-643942D01FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A97A6BE-A27A-4D53-AB63-2A2631F20EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F034BF4-31E6-46FB-B082-EA22FFE51AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "063BB311-EC8D-43E5-9B9D-56C96121EB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "003AAC03-306E-4D12-B4C7-7ECA4ED88884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DAA33-3841-4C14-A137-93E1810CC866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ACD5B480-2780-48EB-B361-4EF4833D97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0500999-E48F-4FE1-9B92-C1E179651CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "629488D4-D8A4-4152-A4D3-E951F199C6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D8F0A63-8229-46E8-94A6-CDBB1E8F91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FAD3C773-0B71-4FF2-9DCD-2875CFDE3308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B07F6A0D-82C3-4C2C-9715-3D07083E6F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03901678-2CCB-4ED5-AF04-D8469BF12804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8845147E-D3B1-41B9-BBD2-77B2823F3AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F7B2F23-F532-40D2-884E-D86785B33296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1FC4F349-9E1C-4DD8-BC07-6CB67053BCDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D498C133-AA11-49C4-B065-F27CE776D318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08032AAC-F094-4717-A56F-89289FBD1F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5ADD4D3-206C-4609-AB2A-F6945D56627B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07645F73-AC79-4BB8-A98E-1740F7D6EC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9DC56869-4665-49D1-89F2-8ED97727BD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "147D1A4A-6404-47E3-B1A6-4C001C8DD9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1162691A-6C92-448A-8F1B-2DEFB623F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57524BA3-CF08-4F0F-95C9-F1417B4B83E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0E214C2-24CF-43EC-BC27-2E6AA77254DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB0D74A0-C4B2-46EC-A9FF-562A997E3150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "817A45B4-7C79-4D1A-B889-18A937CF8361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "155F3CB7-A85B-4897-A4E2-F485FDF44AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9D34CAB5-0832-45B1-B13F-49B763AFB74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C0DB182-F37A-4230-BD6F-461C3195FAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21F43A5A-52A2-4094-8D36-39450B8F0E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "674D15C8-3946-4C2F-9B62-BC6E5BC67673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "990FA11F-5158-4717-B716-C5D6D2D23D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45A37F82-44B3-426C-A344-9054599BB426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53378B5F-4A5B-425D-B8BE-455FAF924551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "076216C6-C115-4C7C-A9E3-46A3986DA2AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A819AE96-3933-4AD2-AF30-36E199393E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4142F873-0492-4ACC-88F9-3A243128D0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30A500F4-1899-4F96-98E3-9330146A7963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE52C974-3930-4AC9-907B-8E6B325D6A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FAD07DE9-5C98-4A63-A741-8E69E9F125D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A35B6DA-BF07-4579-8D6A-65CD8E052482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF0B3DB8-8121-4FDC-8A11-42AB619101EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70830AB5-C86B-4726-A982-6F104910153E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0904B27-2FA3-4B8D-9706-98B0376B5FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1D86994-83EE-4D09-B79A-70CB22C077C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00953B63-7DBB-4A67-B41D-321C2ECDE79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9388C2C-75F4-487F-A7D8-4E17FD39A166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80B54786-DA2A-4E2D-9835-6A7939931928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7688EC58-4647-4A08-9E86-A71EA7C41B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5AD2254-158D-4BEE-B36C-242813F4BA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4480D800-595F-44CB-85ED-7E17A34A5BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD015889-3893-4781-B18D-6125A9B6CE39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89541F84-0C10-4757-8D25-80FC4464EC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "371AEAF3-39CA-4837-BA5A-D80826933C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C1BC928-7DB9-499A-8CF4-90C98218E9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3779AD1A-7E6D-4213-A35E-7E9E461AE6FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EB58108-78E4-4208-A549-C86B37422828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E2484E7-24ED-4238-8ED3-FFFB7C479F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20FF2A5A-CB80-4F58-856D-724AACB0864C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97A62E0-8A96-43A3-8FB1-FDC1B8A08049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A2F42DB-B22B-4880-BA73-D0E0295190DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C8A71DEB-93CD-4827-9F9E-3A0DFFAD145A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E1A56DB8-CDDD-4AB8-8694-B6CC967B7F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B448FDB-C2F5-454F-A275-E985C3FCDBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEE47A7-B23A-4C9A-A25C-0983D94FB569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "350F10D8-221B-4A47-8BF6-CCC421878243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7385A37A-FC89-44E6-8BD9-C35B2F22714F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C26E0A3-7641-4DDF-9882-F04F297C8D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7B192CE-F0B4-415F-9A33-B639A7B56ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A1D6DFF-D8CC-4912-BFE6-8454AB95AD7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2DB904E-9FAF-4A23-82E9-367BDBFC57D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5736375-4050-40A5-A504-688B182C9A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "54AB751B-77DE-4513-B961-378458F74164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63AB92C1-D2F7-4025-88B6-EFA1D3C07F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69C445A7-B836-493D-8056-86D4F31847EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C3018A70-3236-4885-8EB1-708442F74981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6FE29E31-332A-4B5B-ADAC-4C14FB589593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0918CE83-AFAF-422B-B992-1B7ED61C3316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A11EF17F-F0CC-4E27-BC67-8A7CBEB17760",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F69EF43C-0F06-40B8-94AE-870E182E26CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE0E36D-08A6-48D5-A364-AC066F30F3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "093B5CCD-AE92-47C4-81E9-E03825BD6CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1DBDBBC8-12BA-42F9-BF22-B29C3FDF8A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F8403157-A1E2-40BA-BCED-27C7981814C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B3B9B0F-6D25-408B-9D20-87C66F786D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "59AB22C9-34C9-4919-BA80-DFF3E186620F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE3869F2-3991-4F60-8618-7F491EBFF807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:10.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3D96339-4768-483E-9D2C-0EB0F8D29D5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C84D24C-2256-42AF-898A-221EBE9FE1E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
"matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BC5903-1316-4FFF-BE52-2F6D63549590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4755F890-634B-4B25-AF08-C34F13429FA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F59A4B-AE92-4533-8EDC-D1DD850309FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492A2C86-DD38-466B-9965-77629A73814F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB7AA46-4018-4925-963E-719E1037F759",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "163743A1-09E7-4EC5-8ECA-79E4B9CE173B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C367BBE0-D71F-4CB5-B50E-72B033E73FE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E1D224-4751-4233-A127-A041068C804A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD31B075-01B1-429E-83F4-B999356A0EB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE199525-4C2D-48C2-A76C-BD14BF2851F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E3644F66-F964-4D50-A6E0-EE8784490BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72AD166D-7CBF-4A4D-A376-907DDA1BB504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEB91EC-E548-4C53-920F-C4871BC464B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0282F963-2C1F-44F7-A0D0-4929685051AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9103A92E-C9F3-401B-AE30-66466210ADED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B5ED7424-EB12-4C21-97C8-082156716C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16359104-2DB6-41D6-97A8-8CA1C3AB5688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569B3CE7-CA06-4636-8043-7ED7635195A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D72F0B8-D229-4995-A053-62FA6591DCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8025943-EA09-47E6-9109-7DAF078F8F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF1257BF-D534-4899-937F-DCBD033A7D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86E5CF27-5661-41DF-B339-740718760AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "586E9024-C983-4CFF-9A3F-A39256E09910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2B7951C-8376-49C3-BF50-E6B65909A739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D1718-F6B6-4AF6-86EE-0DFF5C6F5AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4D9EA4B1-4E06-404A-8989-0BA8BE611211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(10\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F304E6D1-6FA6-452C-AC49-27173F22966B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(11\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58895A84-EA72-40EA-BD7A-AE2EA362BA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(12\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F7966B0-2CAC-4249-98B4-EDAA2F0BF3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(13\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7937350E-C774-46F0-88EF-E0464EF868B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(14\\)n1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B79E4387-44CC-4D7B-A53D-D73EEB23F736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.\r\nNote: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:\r\n\r\nNexus 3000 Series Switches\r\nNexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later\r\nNexus 9000 Series Switches in standalone NX-OS mode"
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado ejecute comandos arbitrarios como root en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos que se pasan a comandos CLI de configuraci\u00f3n espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad incluyendo una entrada manipulada como argumento de un comando CLI de configuraci\u00f3n afectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios de root. Nota: Para explotar con \u00e9xito esta vulnerabilidad en un dispositivo Cisco NX-OS, un atacante debe tener credenciales de administrador."
}
],
"id": "CVE-2024-20399",
"lastModified": "2024-11-21T08:52:33.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-01T17:15:04.383",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.sygnia.co/threat-reports-and-advisories/china-nexus-threat-group-velvet-ant-exploits-cisco-0-day/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-03 15:29
Modified
2024-11-21 04:36
Severity ?
Summary
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108175 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108175 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 8.3\(0\)sk\(0.39\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9508 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(0\\)sk\\(0.39\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39E9A017-225B-4FCB-A5AA-8CEA1435A1AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de Trusted Platform Module (TPM) del software para Nexus 9000 Series Fabric Switches de Cisco en modo Application Centric Infrastructure (ACI), podr\u00eda permitir que un atacante local no autenticado con acceso f\u00edsico pueda ver informaci\u00f3n confidencial en un dispositivo afectado. La vulnerabilidad se genera por la falta de mecanismos adecuados de protecci\u00f3n de datos para las claves de cifrado de disco que se usan dentro de las particiones en el disco duro de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad al conseguir acceso f\u00edsico al dispositivo afectado para visualizar ciertas claves de texto claro. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar un proceso de arranque personalizado o realizar m\u00e1s ataques en un dispositivo afectado."
}
],
"id": "CVE-2019-1589",
"lastModified": "2024-11-21T04:36:52.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-03T15:29:00.510",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108175"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-aci-unmeasured-boot"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-25 20:15
Modified
2024-11-21 05:44
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:14.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD6D7D62-660F-49AB-96D7-189778A42394",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el control de acceso al sistema de archivos de la infraestructura de f\u00e1brica de Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podr\u00eda permitir a un atacante local autenticado leer archivos arbitrarios en un sistema afectado. Esta vulnerabilidad es debido a un control de acceso inapropiado. Un atacante con privilegios de Administrador podr\u00eda explotar esta vulnerabilidad al ejecutar un comando vulnerable espec\u00edfico en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer archivos arbitrarios en el sistema de archivos del dispositivo afectado."
}
],
"id": "CVE-2021-1583",
"lastModified": "2024-11-21T05:44:40.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-25T20:15:10.997",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-19 03:03
Modified
2024-11-21 02:56
Severity ?
Summary
A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/94077 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1037185 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94077 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037185 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "633D2528-7FC4-448C-AEF4-5849B172CE11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2585A246-7C8F-4755-9DB9-E9A668901B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "789A655E-4670-421D-98EA-B80F4EF35191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CCB2662B-7AD7-486D-B492-3ED74723A88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "05098742-7099-424F-8490-300508F0459F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "36A00C1F-7270-4E2F-8420-8567336AD1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22EE58D9-D1BF-41BD-B331-A3472D38B1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "58B28302-6700-4B2C-9531-6BECA5113D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E34C017B-E9C3-48B8-AB7E-0A8C6CD8788B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED0CF9B2-356D-45C5-BFCD-94155E1A2F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.2\\(3h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2478A831-330D-4526-8A2C-DC8C0F6973ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1569E0F4-33D1-408D-88DC-26822447F325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA86F8E0-58FB-4CA5-9541-E9D55BED533D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F031ABAD-3D20-4374-ABBE-24D5C01BE910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:11.3\\(2i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F227E127-08EE-4A86-956C-BBBDB49925A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BEE5B22-F9D3-4EAA-A552-7F0271080632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74DB471F-43AF-4E94-99B0-7D38CB3F5943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9217FBFE-2708-440A-90F9-0562C159DE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5BA5F46C-3172-4509-856F-703E0B517E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E07DC9A1-E4BA-474C-96C2-0B73704628AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en los switches de la rama Cisco Nexus 9000 Series Platform para Application Centric Infrastructure (ACI) podr\u00eda permitir permitir a un atacante adyacente no autenticado, provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad afecta a los switches de la rama Cisco Nexus 9000 Series (TOR) - ACI Mode y Cisco Application Policy Infrastructure Controller (APIC). M\u00e1s informaci\u00f3n: CSCuy93241. Lanzamientos conocidos afectados: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Lanzamientos conocidos solucionados: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r)."
}
],
"id": "CVE-2016-6457",
"lastModified": "2024-11-21T02:56:10.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-19T03:03:00.303",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94077"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037185"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}