| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of NX-OS
Cisco NX-OS: denial of service via User Account Deletion
Synthesis of the vulnerability
An attacker can generate a fatal error via User Account Deletion of Cisco NX-OS, in order to trigger a denial of service.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: denial of service on client.
Provenance: user account.
Creation date: 18/01/2018.
Identifiers: cisco-sa-20180117-nxos1, CSCvg21120, CVE-2018-0092, VIGILANCE-VUL-25109.
Description of the vulnerability
An attacker can generate a fatal error via User Account Deletion of Cisco NX-OS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: privilege escalation via ACL
Synthesis of the vulnerability
An attacker can bypass restrictions via ACL of Cisco NX-OS, in order to escalate his privileges.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: data flow.
Provenance: internet client.
Creation date: 18/01/2018.
Identifiers: cisco-sa-20180117-nxos, CSCvf31132, CVE-2018-0090, VIGILANCE-VUL-25108.
Description of the vulnerability
An attacker can bypass restrictions via ACL of Cisco NX-OS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: denial of service via Pong/FabricPath
Synthesis of the vulnerability
An attacker can generate a fatal error via Pong/FabricPath of Cisco NX-OS, in order to trigger a denial of service.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: LAN.
Creation date: 18/01/2018.
Identifiers: CERTFR-2018-AVI-042, cisco-sa-20180117-nx-os, CSCuv98660, CVE-2018-0102, VIGILANCE-VUL-25103.
Description of the vulnerability
An attacker can generate a fatal error via Pong/FabricPath of Cisco NX-OS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Intel Processors: memory reading via Meltdown
Synthesis of the vulnerability
When the system uses an Intel processor, a local attacker can access to the kernel memory, in order to read sensitive information.
Impacted products: SNS, iOS by Apple, iPhone, Mac OS X, Blue Coat CAS, Cisco ASR, Cisco Catalyst, Nexus by Cisco, NX-OS, Cisco Router, Cisco UCS, XenServer, Debian, Avamar, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, Android OS, AIX, IBM i, QRadar SIEM, Juniper J-Series, Junos OS, Junos Space, NSMXpress, Linux, McAfee Email Gateway, McAfee NSM, McAfee NTBA, McAfee Web Gateway, Meinberg NTP Server, Edge, IE, SQL Server, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, OpenBSD, openSUSE Leap, Oracle Communications, pfSense, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, RHEL, SIMATIC, Slackware, Sonus SBC, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive, vCenter Server, Xen.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 03/01/2018.
Revision date: 05/01/2018.
Identifiers: 2016636, 519675, ADV180002, CERTFR-2018-ALE-001, CERTFR-2018-AVI-004, CERTFR-2018-AVI-005, CERTFR-2018-AVI-009, CERTFR-2018-AVI-012, CERTFR-2018-AVI-014, CERTFR-2018-AVI-017, CERTFR-2018-AVI-018, CERTFR-2018-AVI-029, CERTFR-2018-AVI-048, CERTFR-2018-AVI-049, CERTFR-2018-AVI-077, CERTFR-2018-AVI-079, CERTFR-2018-AVI-114, CERTFR-2018-AVI-124, CERTFR-2018-AVI-134, CERTFR-2018-AVI-208, CERTFR-2018-AVI-225, CERTFR-2019-AVI-242, cisco-sa-20180104-cpusidechannel, cpuapr2019, CTX231390, CTX231399, CTX234679, CVE-2017-5754, DLA-1232-1, DLA-1349-1, DSA-2018-049, DSA-4078-1, DSA-4082-1, DSA-4120-1, DSA-4120-2, DSA-4179-1, FG-IR-18-002, FreeBSD-SA-18:03.speculative_execution, HT208331, HT208334, HT208394, HT208465, JSA10842, JSA10873, K91229003, MBGSA-1801, Meltdown, N1022433, nas8N1022433, openSUSE-SU-2018:0022-1, openSUSE-SU-2018:0023-1, openSUSE-SU-2018:0326-1, openSUSE-SU-2018:0459-1, openSUSE-SU-2018:1623-1, RHSA-2018:0007-01, RHSA-2018:0008-01, RHSA-2018:0009-01, RHSA-2018:0010-01, RHSA-2018:0011-01, RHSA-2018:0012-01, RHSA-2018:0013-01, RHSA-2018:0014-01, RHSA-2018:0015-01, RHSA-2018:0016-01, RHSA-2018:0017-01, RHSA-2018:0018-01, RHSA-2018:0020-01, RHSA-2018:0021-01, RHSA-2018:0022-01, RHSA-2018:0023-01, RHSA-2018:0024-01, RHSA-2018:0025-01, RHSA-2018:0026-01, RHSA-2018:0027-01, RHSA-2018:0028-01, RHSA-2018:0029-01, RHSA-2018:0030-01, RHSA-2018:0031-01, RHSA-2018:0032-01, RHSA-2018:0034-01, RHSA-2018:0035-01, RHSA-2018:0036-01, RHSA-2018:0037-01, RHSA-2018:0038-01, RHSA-2018:0039-01, RHSA-2018:0040-01, RHSA-2018:0053-01, RHSA-2018:0093-01, RHSA-2018:0094-01, RHSA-2018:0103-01, RHSA-2018:0104-01, RHSA-2018:0105-01, RHSA-2018:0106-01, RHSA-2018:0107-01, RHSA-2018:0108-01, RHSA-2018:0109-01, RHSA-2018:0110-01, RHSA-2018:0111-01, RHSA-2018:0112-01, RHSA-2018:0182-01, RHSA-2018:0292-01, RHSA-2018:0464-01, RHSA-2018:0496-01, RHSA-2018:0512-01, RHSA-2018:1129-01, RHSA-2018:1196-01, SA161, SB10226, spectre_meltdown_advisory, SSA-168644, SSA:2018-016-01, SSA:2018-037-01, STORM-2018-001, SUSE-SU-2018:0010-1, SUSE-SU-2018:0011-1, SUSE-SU-2018:0012-1, SUSE-SU-2018:0031-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0069-1, SUSE-SU-2018:0115-1, SUSE-SU-2018:0131-1, SUSE-SU-2018:0171-1, SUSE-SU-2018:0219-1, SUSE-SU-2018:0438-1, SUSE-SU-2018:0472-1, SUSE-SU-2018:0601-1, SUSE-SU-2018:0609-1, SUSE-SU-2018:0638-1, SUSE-SU-2018:0678-1, SUSE-SU-2018:0909-1, SUSE-SU-2018:1603-1, SUSE-SU-2018:1658-1, SUSE-SU-2018:1699-1, SUSE-SU-2018:2528-1, Synology-SA-18:01, USN-3516-1, USN-3522-1, USN-3522-2, USN-3522-3, USN-3522-4, USN-3523-1, USN-3523-2, USN-3523-3, USN-3524-1, USN-3524-2, USN-3525-1, USN-3540-1, USN-3540-2, USN-3541-1, USN-3541-2, USN-3583-1, USN-3583-2, USN-3597-1, USN-3597-2, VIGILANCE-VUL-24933, VMSA-2018-0007, VN-2018-001, VN-2018-002, VU#584653, XSA-254.
Description of the vulnerability
When the system uses an Intel processor, a local attacker can access to the kernel memory, in order to read sensitive information.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: privilege escalation via Bash Shell
Synthesis of the vulnerability
An attacker can bypass restrictions via Bash Shell of Cisco NX-OS, in order to escalate his privileges.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 30/11/2017.
Identifiers: cisco-sa-20171129-switch, CSCvd86513, CVE-2017-12340, VIGILANCE-VUL-24593.
Description of the vulnerability
An attacker can bypass restrictions via Bash Shell of Cisco NX-OS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: privilege escalation via Guest Shell
Synthesis of the vulnerability
An attacker can bypass restrictions via Guest Shell of Cisco NX-OS, in order to escalate his privileges.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 30/11/2017.
Identifiers: cisco-sa-20171129-nxos10, CSCvf33038, CVE-2017-12351, VIGILANCE-VUL-24592.
Description of the vulnerability
An attacker can bypass restrictions via Guest Shell of Cisco NX-OS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: privilege escalation via Open Agent Container
Synthesis of the vulnerability
An attacker can bypass restrictions via Open Agent Container of Cisco NX-OS, in order to escalate his privileges.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: data flow.
Provenance: intranet client.
Creation date: 30/11/2017.
Identifiers: cisco-sa-20171129-nxos9, CSCve53542, CSCvf36621, CVE-2017-12342, VIGILANCE-VUL-24591.
Description of the vulnerability
An attacker can bypass restrictions via Open Agent Container of Cisco NX-OS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: privilege escalation via Software Patch Installation
Synthesis of the vulnerability
An attacker can bypass restrictions via Software Patch Installation of Cisco NX-OS, in order to escalate his privileges.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: internet server.
Creation date: 30/11/2017.
Identifiers: cisco-sa-20171129-nxos8, CSCvf23735, CSCvg04072, CVE-2017-12341, VIGILANCE-VUL-24590.
Description of the vulnerability
An attacker can bypass restrictions via Software Patch Installation of Cisco NX-OS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: privilege escalation via CLI Command Injection
Synthesis of the vulnerability
An attacker can bypass restrictions via CLI Command Injection of Cisco NX-OS, in order to escalate his privileges.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 30/11/2017.
Identifiers: cisco-sa-20171129-nxos7, CSCve99925, CSCvf15164, CSCvf15167, CSCvf15170, CSCvf15173, CVE-2017-12339, VIGILANCE-VUL-24589.
Description of the vulnerability
An attacker can bypass restrictions via CLI Command Injection of Cisco NX-OS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Cisco NX-OS: file reading via CLI
Synthesis of the vulnerability
A local attacker can read a file via CLI of Cisco NX-OS, in order to obtain sensitive information.
Impacted products: Nexus by Cisco, NX-OS.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 30/11/2017.
Identifiers: cisco-sa-20171129-nxos6, CSCve51707, CSCve93961, CSCve93964, CSCve93965, CSCve93968, CSCve93974, CSCve93976, CVE-2017-12338, VIGILANCE-VUL-24588.
Description of the vulnerability
A local attacker can read a file via CLI of Cisco NX-OS, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about NX-OS:
|